The products division of GrammaTech has been acquired by Battery Ventures. The new company name is CodeSecure, Inc.
Your contact persons and the tool names remain unchanged.
Binary Software Composition Analysis
It has long been common practice to use third-party software in applications. Nowadays, approximately 90%
of corporations use third-party software and 95% of proprietary or custom software applications they develop
contain third-party components. Third-party code represents an unknown variable and a potential security threat.
CodeSentry addresses this issue by assessing third-party software inventory and risk, thus allowing security
professionals to measure and manage the risk associated with open source vulnerabilities in third-party software
quickly and easily.
Securing the Modern Software Stack
CodeSecure’s pioneering binary code analysis research laid the foundations for CodeSentry.
This technology does not need source code in order to achieve deep scalable analysis and can be adopted
enterprise-wide. Compared to conventional SCA tools, binary analysis is both more efficient and less error-prone.
Moreover, CodeSentry shows high precision and recall, resulting in fewer
missed vulnerabilities and fewer false positives. CodeSentry’s key asset is the ability to assess – at the binary
level – both open source software and third-party software, which are now commonly in use.
What is CodeSentry Binary Software Composition Analysis?
CodeSentry employs multiple component matching algorithms which provide speed and accuracy of component
detection across different Instruction Set Architectures (ISAs) and compilers. By applying properties
ranging from lexical information like the contents of strings, up to deep semantic abstractions of high-level
logic contained in functions, these algorithms compute and compare code signatures.
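As an added illustration (not CodeSentry's algorithm or code), the lexical end of that range can be sketched in Python: extract printable strings from a binary and match embedded version banners against a signature table. The signature table, function names and sample bytes are constructed for this example.

```python
import re

# Constructed signature table (illustrative): component -> regex over
# printable strings that captures the version from a known banner format.
SIGNATURES = {
    "openssl": re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]?)"),
    "zlib": re.compile(rb"(?:deflate|inflate) (\d+\.\d+\.\d+(?:\.\d+)?) Copyright"),
    "busybox": re.compile(rb"BusyBox v(\d+\.\d+\.\d+)"),
}

def printable_strings(blob: bytes, min_len: int = 6):
    """Yield runs of printable ASCII, similar to the `strings` utility."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob):
        yield m.group(0)

def detect_components(blob: bytes):
    """Return a sorted list of (component, version) pairs found in the blob."""
    found = set()
    for s in printable_strings(blob):
        for name, pattern in SIGNATURES.items():
            for m in pattern.finditer(s):
                found.add((name, m.group(1).decode("ascii")))
    return sorted(found)

def to_inventory(blob: bytes, artifact: str):
    """Build a minimal SBOM-like dict (not a CycloneDX or SPDX document)."""
    return {
        "artifact": artifact,
        "components": [{"name": n, "version": v}
                       for n, v in detect_components(blob)],
    }

# Constructed sample: binary noise surrounding three embedded banners.
SAMPLE = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"OpenSSL 1.1.1k  25 Mar 2021\x00\x13\x37"
    + b" deflate 1.2.11 Copyright 1995-2017 Jean-loup Gailly and Mark Adler \x00"
    + b"\xff\xfeabc\x00"
    + b"BusyBox v1.31.1 (2020-01-01) multi-call binary.\x00"
)

if __name__ == "__main__":
    print(to_inventory(SAMPLE, "firmware.bin"))
```

String matching alone finds nothing when banners are stripped or altered, which is why the semantic, function-level signatures mentioned above matter for stripped or statically linked code.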
Scan Post-Production Applications, Packages & Containers
Binary Analysis When Source Code Is Not Available
CodeSentry is a Binary SCA solution that identifies open-source components and shared dependencies in binaries, including firmware, containers,
and mobile or desktop applications.
The resulting component inventory is reported through a software bill of materials, which is also mapped to VulnDB, the industry’s
most complete database of software vulnerabilities.
Software Bill of Materials
CodeSentry generates a comprehensive software bill of materials (SBOM) and accounts for known
vulnerabilities in the detected components including dependencies. Throughout the software lifecycle,
CodeSentry continuously tracks these vulnerabilities. This enables you to have all your applications
ready for audit without rework or guesswork – since the SBOM can be embedded along with each application,
audit requests become more reliable.
Deep Binary Analysis
The deep scalable binary analysis on which CodeSentry is based generates high precision and recall,
implying fewer missed vulnerabilities and fewer false positives.
Software Re-Use Risk Management
CodeSentry enables security professionals to measure and manage the risk linked to third-party software
quickly and easily. This is accomplished by a powerful combination of a comprehensive software bill of
materials (SBOM), a detailed list of vulnerabilities and a deep binary analysis; all tracked and managed
throughout the software lifecycle.
Convince yourself of a SCA solution and request
We will show you how we can rapidly enhance your software development capability.
(current CodeSentry version is 5.2)
⇨ Further information
- CodeSentry 5.2 Available: new Checks for 3,500+ new Safety Vulnerabilities
- CodeSentry 5.1 Available: new Checks for 8,400+ new Safety Vulnerabilities
- GrammaTech’s Application Security Testing Software Business sold to Battery Ventures
- CodeSentry v5.0 Available: 9,700 New Vulnerabilities and 3,700 New Components
- CodeSentry v4.2 checks for over 2,300 New Vulnerabilities and 3,800 New Components