GrammaTech Releases CodeSonar 6.0
April 12, 2021

GrammaTech announced a new version of its CodeSonar® SAST (static application security testing) product that helps developers build safer and more secure code without disrupting workflows.

CodeSonar 6.0 features visualization and analysis enhancements, GitLab integration as well as additional language and compiler support requested by 500 plus GrammaTech customers to support their transition to DevSecOps practices.

New capabilities in CodeSonar 6.0 make it easier for developers to avoid security and safety defects by automating the detection of problems and identifying best practice violations within their development environments. Providing SAST embedded in continuous integration/continuous delivery (CI/CD) pipelines is a critical component for shifting left and baking security into DevOps workflows.

Several key enhancements in CodeSonar include:

- Integrated visual representation of selected code for improved remediation of defects, eliminating the need for a separate developer interface

- Built in detection, alerts and reporting of Top 10 OWASP risks

- Increased granularity of CWE (Common Weakness Enumeration) vulnerabilities including format string type checking to facilitate communication on threats between developers and security team

- Code security and quality testing for both Android 11 based applications and the base operating environment which extends CodeSonar security to the Android platform

- Unification of Java, C and C++ testing in a single interface to eliminate workflow interruptions

- Support for 20 new C++ language features that enables customers to seamlessly extend security when new libraries and frameworks are adopted. These include spaceship operator, const init and concepts

- Updated support for GCC, IAR and Clang 10 compliers, and new support for Arm Clang compiler

“Reflecting the market in general, our customers are moving from post-build testing to making security an integral part of their development processes,” said Vince Arneja, CPO for GrammaTech. “This latest release of CodeSonar builds on our powerful static analysis capabilities to detect potential vulnerabilities, while making it infinitely easier to integrate SAST within DevOps pipelines without interrupting or slowing down developers.”

CodeSonar 6.0 is available immediately.

Share this

Industry News

May 06, 2021

Splunk announced the new Splunk Observability Cloud, the full-stack, analytics-powered and enterprise-grade Observability solution.

May 06, 2021

Gluware unveiled its DevOps for NetOps framework featuring Gluware Lab, its integrated development environment (IDE).

May 06, 2021

Ambassador Labs announced the new Ambassador Developer Control Plane (DCP), whichgives developers the ability to manage the entire modern software development lifecycle for Kubernetes environments using tools and processes that are familiar to them.

May 06, 2021

Code Dx and Secure Code Warrior have teamed up to launch Project Better Code, an initiative to tackle a major challenge facing innovative organizations today – pushing the pace of software development without compromising software security.

May 06, 2021

Pegasystems announced the latest evolution of its Pega Infinity software suite to help speed and simplify digital transformation (DT) initiatives, Pega Infinity version 8.6.

May 06, 2021

Accurics announced that its open source project Terrascan, which enables teams to detect compliance and security violations across Infrastructure as Code (IaC), now integrates with the Argo Project.

May 05, 2021

Amazon Web Services announced the general availability of Amazon DevOps Guru, a fully managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation.

May 05, 2021

SmartBear has added API testing support for the popular, open source event streaming platform, Apache Kafka.

May 05, 2021

Red Hat unveiled its Developer Sandbox for Red Hat OpenShift, an OpenShift-based development environment designed to enable organizations to accelerate the path from code to production for Kubernetes-based applications.

May 05, 2021

DevOps Institute announced the lineup for SKILup Days in the second quarter of 2021.

May 05, 2021

Idera announced the acquisition of Xblend Software.

May 04, 2021

ThoughtSpot announced the launch of ThoughtSpot Everywhere.

May 04, 2021

Perforce Software announced the availability of virtual devices (Android emulators and iOS simulators) as part of the comprehensive device lab within Perfecto’s Intelligent Test Automation platform.

May 04, 2021

LogiGear announced the newest release of its flagship TestArchitect™ Enterprise product, TestArchitect Enterprise 9.0.

May 04, 2021

Rafay Systems announced new enhancements to its flagship Kubernetes Management Cloud (KMC).