TMCnet News
New Version of GrammaTech CodeSonar® Provides Deeper Integration of SAST within DevOps PipelinesGrammaTech, a leading provider of application security testing products and software research services, today announced a new version of its CodeSonar® SAST (static application security testing) product that helps developers build safer and more secure code without disrupting workflows. CodeSonar 6.0 features visualization and analysis enhancements, GitLab integration as well as additional language and compiler support requested by 500 plus GrammaTech (News - Alert) customers to support their transition to DevSecOps practices. "Fundamentally, development teams need to be onboard, trained, equipped and motivated to do secure development (sometimes referred to as DevSecOps). The design approach should include basic coding standards that help developers avoid building apps with exploitable bugs and operational vulnerabilities," said Steve Lipner, executive director of SAFECode, a global nonprofit organization that brings business leaders and technical experts together to exchange insights and ideas on creating, improving and promoting scalable and effective software security programs. New capabilities in CodeSonar 6.0 make it easier for developers to avoid security and safety defects by automating the detection of problems and identifying best practice violations within their development environments. Providing SAST embedded in continuous integration/continuous delivery (CI/CD) pipelines is a critical component for shifting left and baking security into DevOps workflows. Several key enhancements in CodeSonar include: b>Visualization
Analysis
Languages
Compiler Models
"Reflecting the market in general, our customers are moving from post-build testing to making security an integral part of their development processes," said Vince Arneja, Chief Product Officer for GrammaTech. "This latest release of CodeSonar builds on our powerful static analysis capabilities to detect potential vulnerabilities, while making it infinitely easier to integrate SAST within DevOps pipelines without interrupting or slowing down developers." Availability CodeSonar 6.0 is available immediately from GrammaTech and its business partners worldwide. For more information or to obtain an evaluation please visit www.grammatech.com. About GrammaTech GrammaTech is a leading global provider of application security testing (AST) solutions used by the world's most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation's civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD with a Research and Development Center in Ithaca NY. Visit us at https://www.grammatech.com/, and follow us on LinkedIn and Twitter. CodeSonar® is a registered trademark of GrammaTech, Inc.
View source version on businesswire.com: https://www.businesswire.com/news/home/20210408005190/en/ |