
The products division of GrammaTech has been acquired by Battery Ventures. The new company name is CodeSecure, Inc. There are no changes regarding your contact persons and the tool names.
CodeSentry
Binary Software Composition Analysis
It has long been common practice to use third-party software in applications. Nowadays, approximately 90% of corporations use third-party software and 95% of proprietary or custom software applications they develop contain third-party components. Third-party code represents an unknown variable and a potential security threat.
CodeSentry addresses this issue by assessing third-party software inventory and risk, thus allowing security professionals to measure and manage the risk associated with open source vulnerabilities in third-party software quickly and easily.
Securing the Modern Software Stack
CodeSecure’s pioneering binary code analysis research laid the foundations for CodeSentry. This technology does not need source code in order to achieve deep, scalable analysis and can be adopted enterprise-wide. Compared to conventional SCA tools, binary analysis is both more efficient and less error-prone. Moreover, CodeSentry shows high precision and recall results, i.e. fewer missed vulnerabilities and fewer false positives. CodeSentry’s key asset is the ability to assess, at the binary level, both open source software and third-party software, which is now commonly in use.
What is CodeSentry Binary Software Composition Analysis?
CodeSentry employs multiple component matching algorithms, which provide speed and accuracy of component detection across different Instruction Set Architectures (ISAs) and compilers. By applying properties ranging from lexical information, like the contents of strings, up to deep semantic abstractions of the high-level logic contained in functions, these algorithms compute and compare code signatures.
Scan Post-Production Applications, Packages & Containers
Binary Analysis When Source Code Not Available
CodeSentry is a Binary SCA solution that identifies open-source components and shared dependencies in binaries, including firmware, containers, and mobile or desktop applications. The resulting component inventory is reported through a software bill of materials, which is also mapped to VulnDB, the industry’s most complete database of software vulnerabilities.