GrammaTech Releases CodeSonar 6.0
April 12, 2021

GrammaTech announced a new version of its CodeSonar® SAST (static application security testing) product that helps developers build safer and more secure code without disrupting workflows.

CodeSonar 6.0 features visualization and analysis enhancements, GitLab integration as well as additional language and compiler support requested by 500 plus GrammaTech customers to support their transition to DevSecOps practices.

New capabilities in CodeSonar 6.0 make it easier for developers to avoid security and safety defects by automating the detection of problems and identifying best practice violations within their development environments. Providing SAST embedded in continuous integration/continuous delivery (CI/CD) pipelines is a critical component for shifting left and baking security into DevOps workflows.

Several key enhancements in CodeSonar include:

- Integrated visual representation of selected code for improved remediation of defects, eliminating the need for a separate developer interface

- Built in detection, alerts and reporting of Top 10 OWASP risks

- Increased granularity of CWE (Common Weakness Enumeration) vulnerabilities including format string type checking to facilitate communication on threats between developers and security team

- Code security and quality testing for both Android 11 based applications and the base operating environment which extends CodeSonar security to the Android platform

- Unification of Java, C and C++ testing in a single interface to eliminate workflow interruptions

- Support for 20 new C++ language features that enables customers to seamlessly extend security when new libraries and frameworks are adopted. These include spaceship operator, const init and concepts

- Updated support for GCC, IAR and Clang 10 compliers, and new support for Arm Clang compiler

“Reflecting the market in general, our customers are moving from post-build testing to making security an integral part of their development processes,” said Vince Arneja, CPO for GrammaTech. “This latest release of CodeSonar builds on our powerful static analysis capabilities to detect potential vulnerabilities, while making it infinitely easier to integrate SAST within DevOps pipelines without interrupting or slowing down developers.”

CodeSonar 6.0 is available immediately.

Share this

Industry News

March 18, 2024

Kubiya.ai announces the launch of its DevOps Digital Agents.

March 18, 2024

Aviatrix® introduced Aviatrix Distributed Cloud Firewall for Kubernetes, a distributed cloud networking and network security solution for containerized enterprise applications and workloads.

March 18, 2024

Stride announces the general availability of Stride Conductor, its new autonomous coding product that transforms the software development landscape.

March 14, 2024

CircleCI unveiled CircleCI releases, which enables developers to automate the release orchestration process directly from the CircleCI UI.

March 13, 2024

Fermyon™ Technologies announces Fermyon Platform for Kubernetes, a WebAssembly platform for Kubernetes.

March 13, 2024

Akuity announced a new offer targeted at Enterprises and businesses where security and compliance are key.

March 13, 2024

New Relic launched new capabilities for New Relic IAST (Interactive Application Security Testing), including proof-of-exploit reporting for application security testing.

March 12, 2024

OutSystems announced AI Agent Builder, a new solution in the OutSystems Developer Cloud platform that makes it easy for IT leaders to incorporate generative AI (GenAI) powered applications into their digital transformation strategy, as well as govern the use of AI to ensure standardization and security.

March 12, 2024

Mirantis announced significant updates to Lens Desktop that makes working with Kubernetes easier by simplifying operations, improving efficiency, and increasing productivity. Lens 2024 Early Access is now available to Lens users.

March 12, 2024

Codezero announced a $3.5 million seed-funding round led by Ballistic Ventures, the venture capital firm dedicated exclusively to funding entrepreneurs and innovations in cybersecurity.

March 11, 2024

Prismatic launched a code-native integration building experience.

March 07, 2024

Check Point® Software Technologies Ltd. announced its Check Point Infinity Platform has been ranked as the #1 Zero Trust Platform in the latest Miercom Zero Trust Platform Assessment.

March 07, 2024

Tricentis announced the launch and availability of SAP Test Automation by Tricentis as an SAP Solution Extension.

March 07, 2024

Netlify announced the general availability of the AI-enabled deploy assist.

March 07, 2024

DataStax announced a new integration with Airbyte that simplifies the process of building production-ready GenAI applications with structured and unstructured data.