News

GrammaTech Partners with ArmorCode to Deliver Vulnerability Management Orchestration Across Development Pipelines

Posted on

by

GrammaTech CodeSonar and ArmorCode combine application vulnerability intelligence with AppSecOps workflows for end-to-end product security automation

BETHESDA, Md., April 17, 2023 — GrammaTech, a leading provider of application security testing products and software research services, and ArmorCode, the leader in AppSecOps, today announced a technology integration partnership to help customers automate product security across development, testing, feedback and deployment. The GrammaTech CodeSonar® SAST (static application security testing) platform provides deep safety and security vulnerability intelligence to ArmorCode for orchestrating application security operations within CI/CD pipelines. The companies are collaborating to offer integrated solutions for ensuring the safety and security of mission-critical automotive, aerospace, enterprise, and industrial products.

“Unifying application security tools and intelligence to orchestrate operations across developer pipelines is central to preventing safety and security vulnerabilities from reaching market-ready products,” said Jim Mercer, Research Vice President, DevOps & DevSecOps for IDC. “The combination of GrammaTech CodeSonar and ArmorCode enables customers to automate end-to-end DevSecOps workflows instead of stitching together siloed processes.”

The integration of ArmorCode and CodeSonar provides customers a centralized 360 degree view of vulnerabilities in CI/CD pipelines and prioritizes them for resolution, which is essential for implementing DevSecOps across physically distributed development environments and for satisfying standards-based coding practices such as MISRA for automotive products.  

“As organizations across industries adopt DevSecOps to accelerate the delivery of software, the number of security vulnerabilities have increased exponentially. Furthermore, the security teams responsible for protecting the business are struggling to manage the risk and to keep pace with the speed of delivery,” said Mark Lambert, Chief Product Officer for ArmorCode. “This integration between GrammaTech CodeSonar and ArmorCode delivers the visibility and workflow automation these teams need to ship secure software and ship it fast.”

“Identifying and remediating security vulnerabilities in complex development environments that span multiple geographies can be challenging due to siloed data and workflows, which can lead to product delays or worse,” said Vince Arneja, Chief Product Officer for GrammaTech. “Together, CodeSonar and ArmorCode deliver deep visibility into vulnerabilities and automated orchestration capabilities to help customers improve the security of their code, while delivering safer products to market faster.” 

The ArmorCode AppSecOps platform unifies vulnerability management to reduce the detection and remediation response time for security risks and minimize the disruption of software release schedules. It centralizes findings and remediations from hundreds of application, infrastructure, and cloud security tools; normalizes, de-dupes, correlates, and prioritizes data; automates critical vulnerability management workflows; and provides developers the information they need to quickly remediate problems.

CodeSonar’s SAST analysis supports all leading product development languages (C, C++, C# and Java) in one unified platform.  The platform supports the validation of coding standards and best practices including MISRA, JPL, CERT-C and static verification using formal method concepts to find defects including runtime errors, buffer overruns, API misuse, misuse of socket API, suspicious behavior, dead code and unused variables. It finds defects that impact software quality and security and scales to meet the most rigorous real-world requirements, programs and processes.

Availability

CodeSonar’s integration for ArmorCode is available immediately.  

About GrammaTech

GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security-conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers. Visit us at https://codesecure.com/, and follow us on LinkedIn and Twitter.  

CodeSonar® and CodeSentry® are registered trademarks of GrammaTech, Inc.

Book a Demo

We’re ready to help you integrate SAST and SCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now