27 February 2023
Binary Software Composition Analysis
It has long been common practice to use third-party software in applications. Approximately 90% of corporations use third-party software, and 95% of the proprietary or custom applications they develop contain third-party components. That third-party code is an unknown quantity and a potential security risk.
CodeSentry addresses this issue by assessing third-party software inventory and risk, thus allowing security professionals to measure and manage the risk associated with open source vulnerabilities in third-party software quickly and easily.
Securing the Modern Software Stack
GrammaTech's pioneering binary code analysis research laid the foundations for CodeSentry. The technology does not need source code to perform deep, scalable analysis, so it can be adopted enterprise-wide and applied to components that are delivered only as binaries. Compared to conventional SCA tools, which typically rely on source manifests and package metadata, binary analysis is both more efficient and less error prone. CodeSentry also delivers high precision and recall, i.e. few false positives and few missed vulnerabilities. Its key asset is the ability to assess, at the binary level, both open source and commercial third-party software, which is now in common use.
What is CodeSentry Binary Software Composition Analysis?
CodeSentry employs multiple component-matching algorithms that provide fast and accurate component detection across different Instruction Set Architectures (ISAs) and compilers. These algorithms compute and compare code signatures built from properties ranging from lexical information, such as the contents of strings, up to deep semantic abstractions of the high-level logic contained in functions.
Software Bill of Materials
CodeSentry generates a comprehensive software bill of materials (SBOM) and accounts for known vulnerabilities in the detected components, including their dependencies. It continues to track these vulnerabilities throughout the software lifecycle, so every application is audit-ready without rework or guesswork: because the SBOM can be shipped alongside each application, audit requests can be answered reliably.
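To make the two preceding sections concrete, here is a small added example of the lexical end of binary component matching (string-based signatures) feeding a CycloneDX-shaped SBOM with a known-vulnerability lookup. This is illustration code written for this page, not CodeSentry's algorithms, signature database or output format. The sample "binary", the fingerprint table, the `pkg:generic` purls and the local advisory table are all constructed here; the two CVE identifiers in that table are real published advisories quoted as examples, with their public fix versions, standing in for a vulnerability feed.

```python
import json
import re

# Constructed "binary": arbitrary bytes with a few embedded strings of the kind
# that version-stamped libraries carry. Not a real firmware image.
SAMPLE_BINARY = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 16
    + b"inflate 1.2.11 Copyright 1995-2017 Mark Adler\x00"
    + b"\x90\x90\xcc\xcc"
    + b"OpenSSL 1.1.1k  25 Mar 2021\x00"
    + b"\xde\xad\xbe\xef" * 4
    + b"unrelated text\x00"
)

# Constructed fingerprint table (hypothetical, not CodeSentry's database):
# marker strings a component's binary is expected to contain, plus a regex
# that captures its version from those strings.
FINGERPRINTS = {
    "zlib":    {"markers": {"inflate", "Mark Adler"}, "version_re": r"inflate (\d+\.\d+\.\d+)"},
    "openssl": {"markers": {"OpenSSL"},              "version_re": r"OpenSSL (\d+\.\d+\.\d+[a-z]?)"},
}

# Constructed local advisory table standing in for a vulnerability feed.
# The IDs are real published CVEs used as examples; versions below fixed_in are affected.
ADVISORIES = {
    "zlib":    [{"id": "CVE-2018-25032", "fixed_in": "1.2.12"}],
    "openssl": [{"id": "CVE-2021-3711",  "fixed_in": "1.1.1l"}],
}


def extract_strings(blob, min_len=4):
    """Return printable-ASCII runs of at least min_len bytes (like the `strings` tool)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, blob)]


def version_key(v):
    """Sort key for versions like '1.2.11' or '1.1.1k': numeric parts, then letter suffix."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)([a-z]?)", v)
    return tuple(int(x) for x in m.group(1).split(".")), m.group(2)


def match_components(blob):
    """Lexical matching: a component is detected when every marker string appears."""
    strings = extract_strings(blob)
    found = []
    for name, fp in FINGERPRINTS.items():
        evidence = [s for s in strings if any(mk in s for mk in fp["markers"])]
        if not all(any(mk in s for s in evidence) for mk in fp["markers"]):
            continue
        m = re.search(fp["version_re"], "\n".join(evidence))
        found.append({"name": name, "version": m.group(1) if m else None, "evidence": evidence})
    return found


def find_vulns(name, version):
    """Advisory IDs whose fix version is later than the detected version."""
    if version is None:
        return []
    return [a["id"] for a in ADVISORIES.get(name, [])
            if version_key(version) < version_key(a["fixed_in"])]


def build_sbom(blob):
    """Minimal CycloneDX-1.4-shaped document (a subset of the spec's fields)."""
    components, vulnerabilities = [], []
    for c in match_components(blob):
        purl = f"pkg:generic/{c['name']}@{c['version']}" if c["version"] else None
        components.append({
            "type": "library", "bom-ref": purl or c["name"],
            "name": c["name"], "version": c["version"], "purl": purl,
            "properties": [{"name": "example:evidence", "value": e} for e in c["evidence"]],
        })
        for vid in find_vulns(c["name"], c["version"]):
            vulnerabilities.append({"id": vid, "affects": [{"ref": purl or c["name"]}]})
    return {"bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1,
            "components": components, "vulnerabilities": vulnerabilities}


if __name__ == "__main__":
    print(json.dumps(build_sbom(SAMPLE_BINARY), indent=2))
```

Run it as a script to see the SBOM; both embedded components are reported with their versions and one affected-by advisory each. Real binary SCA goes well beyond this: string markers alone are easy to strip or collide on, which is why the page's description moves up to function-level semantic signatures, and a production tool consumes a live advisory feed rather than a hand-written table.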
Deep Binary Analysis
The deep, scalable binary analysis on which CodeSentry is built yields high precision and recall, meaning fewer missed vulnerabilities and fewer false positives.
Software Re-Use Risk Management
CodeSentry enables security professionals to measure and manage the risk linked to third-party software quickly and easily, through a combination of a comprehensive software bill of materials (SBOM), a detailed list of vulnerabilities and deep binary analysis, all tracked and managed throughout the software lifecycle.
Free Evaluation
Evaluate the SCA solution by running it on your own codebase and reviewing the results it produces.
Request a 30-day evaluation license now to see how GrammaTech technology can rapidly enhance your software development capability.