Digital Media Net - Your Gateway To Digital media Creation. News and information on Digital Video, VR, Animation, Visual Effects, Mac Based media. Post Production, CAD, Sound and Music
Categories: MacNews

GrammaTech CodeSentry 4.0 Enables Developers to Identify Security Vulnerabilities Hidden in Third Party Code

Binary Software Composition Analysis Platform Closes Security Gap in Pre-Built Software without Access to Source Code

BETHESDA, Md.–(BUSINESS WIRE)–#AppSecGrammaTech, a leading provider of application security testing products and software research services, today announced a new version of its CodeSentry software supply chain security platform which enables organizations to detect security vulnerabilities contained in third party code. CodeSentry uses binary software composition analysis (BSCA) to identify known threats (CVEs) and common weakness enumeration (CWE) errors in externally developed software components without access to source code.

While the bulk of the industry’s attention has focused on vulnerabilities in open source software (OSS) with initiatives like OpenSSF, an equally important problem remains. According to VDC Research, nearly 60% of software products contain third-party code, most of which uses open source components under the hood. Since this pre-built code is delivered in binary format, organizations lack the ability to detect security risks it contains prior to using it to develop applications or embedding it in physical products such as automobiles, medical devices and more.

To detect vulnerabilities in third-party or pre-built code during the development process, CodeSentry 4.0 provides comprehensive support for desktop and mobile applications, firmware, containers, and embedded operating systems.

“Software development teams are increasingly being tasked with ensuring the integrity of their products by avoiding security and safety defects that can lead to costly product failures or recalls,” said Mike Dager, CEO of GrammaTech. “This security concern has even escalated the creation of regulatory requirements for the software supply chain from the FDA and the recent presidential Executive Order. CodeSentry 4.0 makes it possible for organizations to verify the contents, security and safety of third-party software components they use to build their products.”

Securing Third Party Code from the Inside Out

Since source code is rarely available for third party software, binary analysis is an emerging alternative for extracting a software bill of materials (SBOM) to identify components, dependencies and security vulnerabilities they may contain. Offered as a SaaS or on-premises solution, CodeSentry automates this process – providing a foundation for improving software supply chain security.

CodeSentry 4.0 provides the broadest coverage of any binary SCA platform that includes:

  • Desktop, Server and Mobile platforms: Windows, Linux, macOS, Java, Android and iOS
  • Language Support: Python, JavaScript and binaries originating from: C/C++, C#, Java and Go
  • Embedded OSes: VxWorks, QNX and Android
  • CPU Architectures: x86, ARM32/64, MIPS and AVR32
  • File Formats: Embedded and Firmware Filesystem Image Formats, Mobile File Formats, Docker containers, and Python and Javascript Packages
  • Supports multiple SBOM formats including SPDX and CycloneDX

Availability

GrammaTech CodeSentry 4.0 is available immediately from GrammaTech and its business partners worldwide.

About GrammaTech

GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers. Visit us at https://www.grammatech.com/, and follow us on LinkedIn and Twitter.

CodeSonar® and CodeSentry® are registered trademarks of GrammaTech, Inc.

Contacts

Media Contact:

Marc Gendron

Marc Gendron PR for GrammaTech

617.877.7480

marc@mgpr.net

Staff

Recent Posts

Wondershare Unveils SelfyzAI 3.0: New AI Features Enhance Image Editing Experience

VANCOUVER, BC, Nov. 4, 2024 /PRNewswire/ -- In October 2024, Wondershare proudly launched SelfyzAI 3.0,…

5 hours ago

Monomoy Acquires Oliver’s Food Packaging and Equipment Business

The acquisition marks 20 corporate carve-outs, including ten platform investments, all supported by Monomoy’s deep…

19 hours ago

MoonFox Analysis | Chinese A-share Companies’ Global Revenue Journey: Expected to Reach US $1.4 Trillion

SHENZHEN, China, Nov. 4, 2024 /PRNewswire/ -- Since the Reform and Opening-up in China, global…

20 hours ago

TECNO’s #ToneProud Campaign Aspires to End Skin Tone Bias in Imaging Technology to Represent Full Human Diversity

JAKARTA, Indonesia, Nov. 3, 2024 /PRNewswire/ -- In a world where technology and AI shapes…

20 hours ago

BLUE LOCK UNVEILS NEWEST KEY VISUAL AHEAD OF SEASON 2 CLIMACTIC MATCH

NEW PROMOTIONAL VIDEOS AND TEASER BUILDS EXCITEMENT AS THE BATTLE FOR BLUE LOCKS SURVIVAL BEGINS…

2 days ago

WiMi is Working on a Blockchain-Enhanced Federal Learning Privacy-Preserving Mechanism

BEIJING, Nov. 1, 2024 /PRNewswire/ -- WiMi Hologram Cloud Inc. (NASDAQ: WIMI) ("WiMi" or the…

3 days ago