27 April 2021
Tool specific news: Company
Testwell CMT++/CMTJava
Testwell CTC++
GrammaTech CodeSentry
GrammaTech CodeSonar
Imagix
Events/Seminars
ALL NEWS
Newsletter
You wish to be informed about our latest product news and events?Register here for our Newsletter.
You will receive our news 2-4 times per year (cancellation of your subscription is possible at any time).
Your email and contact data will only be used for our newsletter and will not be forwarded to any other company.
Read our latest newsletter here.
GrammaTech CodeSonar 6.2 Available
(Ithaca/USA, Offenburg/Germany, 21 December 2021)
GrammaTech announces the availability of the static code analysis tool CodeSonar 6.2.This release has several new features and improvements:
- Support for user authentication using SSO to lower the administrative costs for teams.
- Jira Cloud support allows developers to use JIRA for managing tickets and CodeSonar for analysis.
- Improved security warnings with 8 new CERT-C rules and 22 new CERT-CPP rules.
- Support for Android 12 analysis.
- Enhanced path information and explanatory text for Java and C# warnings.
- Support for Windows 11 and Windows Server 2022.
GrammaTech CodeSonar - GitHub Integration
now available!
(Ithaca/USA, Offenburg/Germany, 30 August 2021)
CodeSonar seamlessly integrates into the GitHub Actions enabling developers to address security and functional safety issues without disruption to their software development life cycle (SDLC). Developers working in GitHub get warnings directly from CodeSonar with mappings to industry standards and annotation details to quickly understand warnings and efficiently fix them.GrammaTech CodeSonar is the static application security testing solution developers choose for embedded application development when safety and security matter. More information on GrammaTech's website.
New Version 6.1 of Static Analysis Tool GrammaTech CodeSonar Available
(Ithaca/USA, Offenburg/Germany, 5 August 2021)
GrammaTech announces the availability of CodeSonar 6.1.This release has several new features as well as numerous bug fixes, compatibility updates, and improvements:
- Configurable naming convention checker
- Integrated C# analyzer
- Reports for all supported coding standards such as MISRA, AUTOSAR, CERT, DISA.
- Integration of GitHub CI/CD
- Support for ARMv8 Instruction Set Architecture through CodeSonar for Binaries ed. 6.1
Using GrammaTech CodeSentry and CodeSonar to improve Software Security and comply with IEC 62443
(Ithaca/USA, 18 May 2021)
Exida, a functional safety and certification partner of GrammaTech, has released a white paper on GrammaTech products titled“Using GrammaTech CodeSentry and CodeSonar to Improve Software Security and Comply with IEC 62443.” Exida is similar to TÜV, but based in the US and IEC 62443 is an upcoming standard that many customers in industrial automation are looking at. In order to develop secure code free of vulnerabilities, suppliers are increasingly following a secure development lifecycle to achieve these goals. The IEC 62443-4-1 standard (Security for industrial automation and control systems –Part 4-1: Secure product development lifecycle requirements) defines specific requirements for using a secure development lifecycle in the design, implementation, maintenance and testing of products used in industrial automation and control systems. Grammatech’s CodeSentry and CodeSonar tools can be used to help suppliers comply with this standard. The full report of the white paper is available from GrammaTech's website.
VDC Research Study Finds Only Half of IoT Projects are Testing for Software Security
(Bethesda/USA, 12 May 2021)
A research survey conducted by VDC Research on the state of software supply chain security testing is now available. Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security. Meanwhile, when asked to rank the importance of security to current projects, 73.6% of respondents said it was important, very important or critical.The full report, Finding Sources of Security in the Complex Software Supply Chains of Tomorrow, is available from GrammaTech's website.
These were the 8th Static Analysis Days 2021
(Offenburg/Germany, 6 May 2021)
Experts from GrammaTech and Imagix from the USA and Verifysoft spoke during both days about refactoring, vulnerability detection, security holes and serious software bugs, complementarity of static and dynamic code analysis, security reviews and application as well as benefits of static code analysis for source code and binary code.
We have compiled some of the presentations for you: find out more now!
New Version 6.0 of Static Analysis Tool GrammaTech CodeSonar Available
(Ithaca / USA, Offenburg / Germany, 6 April 2021)
GrammaTech announces the availability of CodeSonar 6.0.
This release has several new features as well as numerous bug fixes, compatibility updates, and improvements:
For C/C++:
- The C++ parser has been improved, with additional support for C++20 language features and Android 11 analysis.
- New and updated models for several compiler families are available.
- There are several new warning classes.
- The CWE broad mapping has been refined and updated to CWE 4.3.
- CodeSonar 6.0 features our new Java analysis engine, which provides high recall, high precision Java language analysis with broad coverage of CWE security vulnerabilities.
- The new Java engine features support for runtime engines up to Java 14 and is fully integrated into the CodeSonar Hub.
GrammaTech and Verifysoft Congratulate Long Time Customer, Jet Propulsion Laboratory, on their Successful Landing of Perseverance Rover
(Ithaca / USA, Offenburg / Germany, 24 February 2021)
As part of NASA’s Mars Exploration Program, "the Perseverance rover’s landing" was another exciting step towards knowing more about our Martian neighbor.
Jet Propulsion Laboratory (JPL) has been a long-time customer of GrammaTech and Verifysoft. JPL are regular users of the static analysis tool CodeSonar and the code coverage analyser Testwell CTC++ on their software projects. As such, we take great pride in being a small part of their success and achieving their project goals.
Verifysoft with Contributions in the French Standard Book for Software Tests
(Paris, Offenburg, 10 February 2021)
The fourth edition of the French standard book for software tests "Pratique des Tests Logiciels" is now published by the French editor Dunod.
Autors are Professor Jean-François Pradat-Peyre (University of Paris) and Jacques Printz. The foreword to the book was written by Verifysoft CEO Klaus Lambertz (French text). On 256 pages, the book covers all relevant topics relating to software testing. Verifysoft contributes with its expertise in the field of testing embedded systems and the benefits of the combination of static and dynamic code analysis.
The English translation of the chapter is available here.
Webinar: Binaries - The Hidden Side of Software Composition Analysis (SCA)
(Ithaca/New York/USA, 5 February 2021)
- Learn how these hidden vulnerabilities can cause major security headaches
- Discover a new class of SCA products have emerged to meet this challenge
- Hear success stories from GrammaTech and best practices from Forrester on how to implement binary SCA
Watch the recorded webinar here.
GrammaTech Reports 2020 Business Results
(Bethesda/Maryland, 21 January 2021)
Despite the economic impact of the pandemic, GrammaTech today announced record business results for 2020 due to accelerating adoption of its CodeSonar® SAST product, demand for its new CodeSentry™ SCA product, and continued growth in its government research division.GrammaTech added more than 50 new global product customers for its Application Security Testing (AST) products and won nine major research contracts.
Meanwhile, the new software composition analysis tool CodeSentry is already being evaluated by Fortune 500 customers.