GrammaTech CodeSentry v2.1 Available

(Ithaca/USA, Offenburg/Germany, 31 August 2021)

Version v2.1 of the Binary Software Composition Analysis tool CodeSentry is now available.
CodeSentry v2.1 includes the following enhancements:

The Binary Scan Vulnerability Report now includes a Table of Contents
Support for the RPM Package Manager (.rpm) archive format
Improved performance of the UI interface
The Summary page can now be sorted by column
Additional scan status information has been added to the Scan Results page
Expanded version recognition of detected components
Overall performance of the UI and services has been improved

GrammaTech CodeSonar - GitHub Integration
now available!

(Ithaca/USA, Offenburg/Germany, 30 August 2021)

CodeSonar seamlessly integrates into the GitHub Actions enabling developers to address security and functional safety issues without disruption to their software development life cycle (SDLC). Developers working in GitHub get warnings directly from CodeSonar with mappings to industry standards and annotation details to quickly understand warnings and efficiently fix them.
GrammaTech CodeSonar is the static application security testing solution developers choose for embedded application development when safety and security matter. More information on GrammaTech's website.

Verifysoft welcomes G3TEK Embedded Technologies as Distributor for Testwell Tools in Turkey

(Offenburg/Germany, Ankara/Turkey, 27 August 2021)

Verifysoft appointed G3TEK Embedded Technologies as distributor for Testwell CTC++ Test Coverage Analyser in Turkey. G3TEK is based in Ankara/Turkey and provides local services and software development solutions for embedded / real-time applications. The company helps its customers reduce their expenses and get to the market on time. It produces solutions in the fields of defense, aerospace, energy, rail systems and automotive. G3TEK provides software development tools for embedded / real-time applications, DO-178 B/C certifiable RTOS, middleware libraries, UML & SysML modeling tools, static analysis tools, GUI development tools and JTAG emulators. More information is available from G3TEK’s website.
Testwell CTC++ is the leading code coverage analyzer for embedded software. The tool is currently successfully used by 700+ customers in 39 countries.

Testwell CTC++: Version 9.1.2 Available

(Offenburg/Germany, 5 August 2021)

Verifysoft has released a new version (9.1.2) of Testwell CTC++ Code Coverage Analyser. Customer with valid software maintenance can download the new version 9.1.2 of the Code Coverage Analyser via the Verifysoft Customer Area. If you are customer and you don't have the credentials for our download platform, please contact us.

New Version 6.1 of Static Analysis Tool GrammaTech CodeSonar Available

(Ithaca/USA, Offenburg/Germany, 5 August 2021)

GrammaTech announces the availability of CodeSonar 6.1.
This release has several new features as well as numerous bug fixes, compatibility updates, and improvements:

Configurable naming convention checker
Integrated C# analyzer
Reports for all supported coding standards such as MISRA, AUTOSAR, CERT, DISA.
Integration of GitHub CI/CD
Support for ARMv8 Instruction Set Architecture through CodeSonar for Binaries ed. 6.1

GrammaTech CodeSentry v2.0 now Available

(Ithaca/USA, 5 July 2021)

Version v2.0 of the Binary Software Composition Analysis tool CodeSentry is now available.
CodeSentry v2.0 includes the following new and updated features:

Software Bill Of Materials (SBOM) now available in CycloneDX format
Binary Scan Vulnerability Report – Additional detail and new Appendix Section
0-Day Vulnerability Detection (CWE Top 25 and many more)
Support for new archive file formats
Support for manually adding a product to the SBOM (Direct Add)
Improved Component Match Detail information (formerly ‘Debug Information’ screen)
User and API Token Management

Follow our Video-Series "1 minute at Verifysoft" with Verifysoft Team Members:

(Offenburg, 22 June 2021)

In our video series "1 minute at Verifysoft", some members of our team introduce their "life" at Verifysoft Technology:
What is their daily work like, what are the challenges, why do they get involved with Verifysoft and what happens in their free time?
Learn more on our YouTube channel.

New Video: Require Progress. Verifysoft Technology.

(Offenburg/Germany, 2 June 2021)

Inevitable Changes Require Progress.
To Thrive We Must Verify.
Verifysoft Technology - Leading Software Testing Tools - since 2003 - worldwide.
Watch the video here!

Testwell Webinar: Code Coverage Analyser Testwell CTC++

Testwell Free Webinar on Tuesday, 28th September 2021, at 10.00 a.m. (CET, Berlin, Wien, Zurich) (english)
Topics covered include:
• Measuring Code Coverage with Testwell CTC++
• Advantages and Strengths of the tool
• Deployment scenarios from our customers
• Introduction of the tool: how to start?
register now!

Webinaire: Imagix 4D and Refactoring is just a Bowl of Cherries

Verifysoft invites you for the webinar "Imagix 4D and Refactoring is just a Bowl of Cherries" on Thursday, 7th October 2021, at 3.00 p.m. (CET, Berlin, Wien, Zurich)
The focus will be on the following aspects:
• Improving or modifying an application
• Reducing the number of test cases and therefore the testing effort, by reducing complexity
• Clearly organised architecture with loosely coupled components simplifies scalability and improves security
• Compliance with coding standards improves the readability of code and can have a positive impact on the robustness of an application
register now!

Using GrammaTech CodeSentry and CodeSonar to improve Software Security and comply with IEC 62443

(Ithaca/USA, 18 May 2021)

Exida, a functional safety and certification partner of GrammaTech, has released a white paper on GrammaTech products titled
“Using GrammaTech CodeSentry and CodeSonar to Improve Software Security and Comply with IEC 62443.” Exida is similar to TÜV, but based in the US and IEC 62443 is an upcoming standard that many customers in industrial automation are looking at. In order to develop secure code free of vulnerabilities, suppliers are increasingly following a secure development lifecycle to achieve these goals. The IEC 62443-4-1 standard (Security for industrial automation and control systems –Part 4-1: Secure product development lifecycle requirements) defines specific requirements for using a secure development lifecycle in the design, implementation, maintenance and testing of products used in industrial automation and control systems. Grammatech’s CodeSentry and CodeSonar tools can be used to help suppliers comply with this standard. The full report of the white paper is available from GrammaTech's website.

VDC Research Study Finds Only Half of IoT Projects are Testing for Software Security

(Bethesda/USA, 12 May 2021)

A research survey conducted by VDC Research on the state of software supply chain security testing is now available. Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security. Meanwhile, when asked to rank the importance of security to current projects, 73.6% of respondents said it was important, very important or critical.
The full report, Finding Sources of Security in the Complex Software Supply Chains of Tomorrow, is available from GrammaTech's website.

These were the 8th Static Analysis Days 2021

(Offenburg/Germany, 6 May 2021)

The 8th edition of the Static Analysis Days (SAD) took place digitally on 5 and 6 May 2021.
Experts from GrammaTech and Imagix from the USA and Verifysoft spoke during both days about refactoring, vulnerability detection, security holes and serious software bugs, complementarity of static and dynamic code analysis, security reviews and application as well as benefits of static code analysis for source code and binary code.
We have compiled some of the presentations for you: find out more now!

New Video: Verifysoft - for Your Software's Quality

(Offenburg/Germany, 23 April 2021)

Verifysoft provides best Software Testing Solutions, seminars, and advice since 2003. The motivated Verifysoft team is here to increase the quality and productivity of your software development teams. Many things happened during the last years. We have shown some of this moments in our new video. Watch the video here!

Imagix 4D: Version 10.2 Available

(San Luis Obispo/USA, Offenburg/Germany, 8 April 2020)

Imagix 4D 10.2 is now available. The general focus of the new release is enhanced support for large source code sets.
Particular enhancements in 10.2 include:

Additional options in generating architectures from source code
Improved performance working with large projects, including in Architecture Diagrams
More automation of loading code into Imagix 4D, using Soong, Gradle and JSON build systems
Extensible interface to load code from any build logs

More information: Release notes and a description about creating projects based on Android build artifacts.

New Version 6.0 of Static Analysis Tool GrammaTech CodeSonar Available

(Ithaca / USA, Offenburg / Germany, 6 April 2021)

GrammaTech announces the availability of CodeSonar 6.0.
This release has several new features as well as numerous bug fixes, compatibility updates, and improvements:
For C/C++:

The C++ parser has been improved, with additional support for C++20 language features and Android 11 analysis.
New and updated models for several compiler families are available.
There are several new warning classes.
The CWE broad mapping has been refined and updated to CWE 4.3.

For Java:

CodeSonar 6.0 features our new Java analysis engine, which provides high recall, high precision Java language analysis with broad coverage of CWE security vulnerabilities.
The new Java engine features support for runtime engines up to Java 14 and is fully integrated into the CodeSonar Hub.

CodeSonar now integrates directly into the GitLab CI pipeline. Scan results are available in the GitLab Merge Requests, GitLab Security Dashboard and can be assigned as a GitLab Issue.

GrammaTech CodeSentry 1.4 now Available

(Ithaca/USA, 26 March 2021)

Version 1.4 of the Binary Software Composition Analysis tool CodeSentry is now available.
Key new features in this release are:

Binary Scan Vulnerability Report: A comprehensive report on N-Day vulnerabilities including a dashboard and detailed component and vulnerability info
Expanded archive support: A wide range of archive formats are now supported, including .tar.gz, gzip, bzip, in addition to Windows .msi, .cab., and .msu files

GrammaTech and Verifysoft Congratulate Long Time Customer, Jet Propulsion Laboratory, on their Successful Landing of Perseverance Rover

(Ithaca / USA, Offenburg / Germany, 24 February 2021)

As part of NASA’s Mars Exploration Program, "the Perseverance rover’s landing" was another exciting step towards knowing more about our Martian neighbor.
Jet Propulsion Laboratory (JPL) has been a long-time customer of GrammaTech and Verifysoft. JPL are regular users of the static analysis tool CodeSonar and the code coverage analyser Testwell CTC++ on their software projects. As such, we take great pride in being a small part of their success and achieving their project goals.

Pradat-Peyre: Pratique des Tests Logiciels

Verifysoft with Contributions in the French Standard Book for Software Tests

(Paris, Offenburg, 10 February 2021)

The fourth edition of the French standard book for software tests "Pratique des Tests Logiciels" is now published by the French editor Dunod.
Autors are Professor Jean-François Pradat-Peyre (University of Paris) and Jacques Printz. The foreword to the book was written by Verifysoft CEO Klaus Lambertz (English text). On 256 pages, the book covers all relevant topics relating to software testing. Verifysoft contributes with its expertise in the field of testing embedded systems and the benefits of the combination of static and dynamic code analysis.
The English translation of the chapter is available here.

Webinar: Binaries - The Hidden Side of Software Composition Analysis (SCA)

(Ithaca/New York/USA, 5 February 2021)

Many SCA solutions require source code for their bill-of-materials and vulnerability analysis. However, source code is not always available for much of the supply chain you use in your applications. This third-party content is often delivered as binaries and includes re-used open source or commercial components, many of which have known vulnerabilities that may be unknown to you. Getting a complete software bill-of-materials to fully understand your security exposure is becoming critical.
- Learn how these hidden vulnerabilities can cause major security headaches
- Discover a new class of SCA products have emerged to meet this challenge
- Hear success stories from GrammaTech and best practices from Forrester on how to implement binary SCA
Watch the recorded webinar here.

Verifysoft Technology with good revenue and profit during "Covid-19-Year" 2020

(Offenburg, 11 January 2021)

Verifysoft Technology closed the “crisis-year” 2020 with the second-highest revenue in company history.
Even though the revenue with testing tools and seminars went down by 13% compared to the record-breaking year 2019, it was still within an acceptable range. Due to the high quality of our tools and the commitment of our resellers and the entire Verifysoft-Team, we were able to finish the year off positively. For 2021, we are again anticipating a significant increase in sales and an expansion of our customer base, which currently includes over 600 companies in 39 countries on all continents.

GrammaTech Reports 2020 Business Results

(Bethesda/Maryland, 21 January 2021)

Despite the economic impact of the pandemic, GrammaTech today announced record business results for 2020 due to accelerating adoption of its CodeSonar® SAST product, demand for its new CodeSentry™ SCA product, and continued growth in its government research division.
GrammaTech added more than 50 new global product customers for its Application Security Testing (AST) products and won nine major research contracts.
Meanwhile, the new software composition analysis tool CodeSentry is already being evaluated by Fortune 500 customers.

1 September 2021

Newsletter