Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

Prevent Cybercrime and Insider Attacks in Your Company with Static Analysis

Read the document

Protecting Security-Sensitive Software From Spectre

Protection against Spectre attacks added to GrammaTech’s Cyber Hardening Services for Intel and AMD processors.

Read Article

What's New in CodeSonar 4.5?

INTRODUCTION: The latest release of CodeSonar, version 4.5, has updates in key areas and innovations that include detecting insider attacks, a new Python API, and compiler model...

Read Article

Thwarting Insider Attacks with Advanced Static Analysis

INTRODUCTION: The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people...

Read Article

Thwarting Insider Attacks with Advanced Static Analysis

INTRODUCTION: The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people...

Read Article

Using CodeSonar for Software Supply Chain Risk Management

The software supply chain is a growing concern in software development. Security, in particular, of third party software is a risk that needs to be evaluated and managed. Binary code...

Read Article

Software Supply Chain: Risk and Reward

INTRODUCTION: The recent interest in the so called “software supply chain” highlights the growing importance of using and reusing existing software. Companies realize they need to buy...

Read Article

The Advantages of Hybrid Source and Binary Static Analysis

INTRODUCTION: GrammaTech brought unique binary code analysis to the market in 2013. Before then, the only option for binary analysis was to ship your code to specialists who would...

Read Article

Reducing the Risk of the Software Supply Chain in Medical Devices

INTRODUCTION: Medical devices rely on third-party and in-house existing software as needed, to meet functionality, cost, and time-to-market concerns. Although software of unknown...

Read Article

How Vulnerable Are You?

INTRODUCTION: The promise of static analysis is compelling but our most frequently-asked question is, "Where do we start?" Security is a top-of-mind concern, so we are also frequently...

Read Article

Don’t trust any input! Prevent vulnerabilities from becoming exploits with tainted data analysis

INTRODUCTION: One of the most common attack vectors is user (or other) input into a system. It's very risky to assume that input is well-formed, yet people still do, and it is still a...

Read Article

2:32

CodeSonar's Visual Tainted Data Analysis

CodeSonar's tainted dataflow analysis allows you to explore potentially dangerous data flows in a clear, visual way.

Watch Video

GrammaTech Adds Hardening Techniques to Software Assurance Portfolio

Ithaca, NY — GrammaTech, a leading provider of software assurance, hardening, and cyber-security solutions, today announced the development of technologies for advanced software hardening. Most...

Read Article

Improving Quality and Security with Binary Analysis

INTRODUCTION: Companies serious about quality, safety, and security need to manage the risks in their supply chain, including software such as commercial of the shelf (COTS) and free and open...

Read Article

Step Four: Security Assurance for IoT Devices - Assessing third party code

INTRODUCTION:

Read Article

Performing a Security Audit with CodeSonar

Inspired by a recent demonstration to a CodeSonar customer, I helped put together a 7-minute video on performing security audits with CodeSonar. Yes, I know what you're thinking... "7 minutes is...

Read Article

7:42

Performing a Security Audit with CodeSonar

In this tutorial, we describe how to approach security auditing, using CodeSonar.

Watch Video

The Sony Hack and Securing the Software Supply Chain

The latest attack on Sony Pictures by malicious hackers continues to evolve as an international story line. What we know at present is that the FBI has officially blamed North Korea for the attack...

Read Article

Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

Previous Article

Next Article

Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

Previous Article

Next Article

Other content on this topic

Protection against Spectre attacks added to GrammaTech’s Cyber Hardening Services for Intel and AMD processors.

INTRODUCTION: The latest release of CodeSonar, version 4.5, has updates in key areas and innovations that include detecting insider attacks, a new Python API, and compiler model...

INTRODUCTION: The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people...

INTRODUCTION: The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people...

The software supply chain is a growing concern in software development. Security, in particular, of third party software is a risk that needs to be evaluated and managed. Binary code...

INTRODUCTION: The recent interest in the so called “software supply chain” highlights the growing importance of using and reusing existing software. Companies realize they need to buy...

INTRODUCTION: GrammaTech brought unique binary code analysis to the market in 2013. Before then, the only option for binary analysis was to ship your code to specialists who would...

INTRODUCTION: Medical devices rely on third-party and in-house existing software as needed, to meet functionality, cost, and time-to-market concerns. Although software of unknown...

INTRODUCTION: The promise of static analysis is compelling but our most frequently-asked question is, "Where do we start?" Security is a top-of-mind concern, so we are also frequently...

INTRODUCTION: One of the most common attack vectors is user (or other) input into a system. It's very risky to assume that input is well-formed, yet people still do, and it is still a...

CodeSonar's tainted dataflow analysis allows you to explore potentially dangerous data flows in a clear, visual way.

Ithaca, NY — GrammaTech, a leading provider of software assurance, hardening, and cyber-security solutions, today announced the development of technologies for advanced software hardening. Most...

INTRODUCTION: Companies serious about quality, safety, and security need to manage the risks in their supply chain, including software such as commercial of the shelf (COTS) and free and open...

INTRODUCTION:

Inspired by a recent demonstration to a CodeSonar customer, I helped put together a 7-minute video on performing security audits with CodeSonar. Yes, I know what you're thinking... "7 minutes is...

In this tutorial, we describe how to approach security auditing, using CodeSonar.

The latest attack on Sony Pictures by malicious hackers continues to evolve as an international story line. What we know at present is that the FBI has officially blamed North Korea for the attack...