industry news
Subscribe Now

Cybersecurity and Service at Forefront of CodeSonar 4.5 Static Analysis Release

Rapid development environment, new secure coding checkers to thwart cybercrime, improved floating point support, and Software Assurance Services come to CodeSonar 4.5 today.

Ithaca, NY (USA) — December 4, 2017 – Software teams looking to improve code quality and security have an updated tool for their toolbox. GrammaTech, a leading provider of software assurance tools and cybersecurity solutions, today announced immediate availability of CodeSonar 4.5, bringing a comprehensive set of enhancements, as well as static-analysis-as-a-service, to the advanced tool.

In addition to the technical updates of the tool, software teams can now reap the benefits of higher code quality even faster with Software Assurance Services, GrammaTech’s offering of static analysis as an on-premises service. GrammaTech’s senior consultants will manage the static analysis workflows and processes, allowing customers to focus on resolving the defects reported even more efficiently.

CodeSonar 4.5 brings a host of new features to software teams seeking to improve their secure software development lifecycle (SDLC). C++ and Python APIs have been introduced allowing software teams to rapidly build domain specific checks to express their design invariants for CodeSonar to evaluate. An API is also available to quickly add support for new compilers. Additionally, improved floating point support allows CodeSonar to find more defects in code paths that rely on decisions involving floating point computations.

New checkers have been made available in CodeSonar 4.5 to detect malicious code that has purposely or inadvertently been added into code.  These checkers help combat the rise of cybercrime within companies. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people making mistakes that lead to a system breach or incorrect behavior). The new checkers highlight suspicious code before it can pose a problem in deployed systems.

“This release underlines GrammaTech’s commitment to helping our customers improve their software assurance processes,” says Mark Hermeling at GrammaTech. “CodeSonar growth rate is double the market growth, which shows our customers’ appreciation for our continued efforts and innovation.”

The update is available as a free upgrade to all licensed customers under active support and maintenance contracts. A 30-day free trial of CodeSonar 4.5 is also available at go.grammatech.com.

About GrammaTech:

GrammaTech’s advanced static analysis tools are used by software developers worldwide, spanning a myriad of embedded software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Originally developed within Cornell University, GrammaTech is now a leading research center for software security and a commercial vendor of software-assurance tools and advanced cyber-security solutions. With both static and dynamic analysis tools that analyze source code as well as binary executables, GrammaTech continues to advance the science of superior software analysis, providing technology for developers to produce safer software. For more information, visit www.grammatech.com or follow us on LinkedIn.

Leave a Reply

featured blogs
Jun 22, 2018
A myriad of mechanical and electrical specifications must be considered when selecting the best connector system for your design. An incomplete, first-pass list of considerations include the type of termination, available footprint space, processing and operating temperature...
Jun 22, 2018
You can't finish the board before the schematic, but you want it done pretty much right away, before marketing changes their minds again!...
Jun 22, 2018
Last time I worked for Cadence in the early 2000s, Adriaan Ligtenberg ran methodology services and, in particular, something we called Virtual CAD. The idea of Virtual CAD was to allow companies to outsource their CAD group to Cadence. In effect, we would be the CAD group for...
Jun 7, 2018
If integrating an embedded FPGA (eFPGA) into your ASIC or SoC design strikes you as odd, it shouldn'€™t. ICs have been absorbing almost every component on a circuit board for decades, starting with transistors, resistors, and capacitors '€” then progressing to gates, ALUs...
May 24, 2018
Amazon has apparently had an Echo hiccup of the sort that would give customers bad dreams. It sent a random conversation to a random contact. A couple had installed numerous Alexa-enabled devices in the home. At some point, they had a conversation '€“ as couples are wont to...