GrammaTech Releases CodeSonar 5 With Usability Focus

Posted on


Increased language coverage with C# and support for Microsoft Visual Studio and Chinese language support, new copy and paste checker and binary code analysis decompiler increases the reach of CodeSonar across the enterprise. 



Software development professionals looking to supercharge their development workflows have a new tool, available today. GrammaTech, a leading provider of software assurance tools and cybersecurity solutions, today announced availability of CodeSonar® 5, their latest innovation in advancing static analysis.

CodeSonar® 5 delivers the next step in usability and extensibility for users of static analysis. GrammaTech adds C# support next to the already existing support for C, C++ and Java. This gives CodeSonar® coverage for the most popular programming languages for safety and security critical industries such as Automotive, Industrial, Medical, Consumer/Electronic as well Aerospace and Defense. User experience is improved with support for the Visual Studio IDE, which builds on the currently available support for the Eclipse IDE. CodeSonar® uses open standards where possible and CodeSonar® 5 adds support for importing results in the Static Analysis Results Interchange Format (SARIF). Additionally, the whole program static analysis engine within CodeSonar® has been extended with a copy-paste error checker that finds problems caused by incorrect re-use of C/C++ code. This checker has already proven its use in finding more than 20 problems in popular open source programs such as the Linux kernel, chromium, mysql, wine, eclipse TCF, python, and postgres. This once more confirms that CodeSonar® delivers the deepest static analysis for C/C++ in the industry today.

One of the differentiating features of CodeSonar® is the detailed information that it provides for every warning through its natural language generator. CodeSonar® 5 extends language support with support for Mandarin, as well as Japanese and English. Other languages can easily be added.

Numerous other improvements are also included, such as enhancements to the C++11, 14, and 17 support, floating point support and more flexibility in the role-based access control, improving usability for large enterprise deployment.

“This release is a nice combination of breadth and depth. The integrations with other tools extend the scope of CodeSonar®, and we continue to innovate with new techniques for finding serious coding defects in software,” says Paul Anderson, VP of Engineering at GrammaTech. “Developers like the usability that CodeSonar® combines with deep static analysis, allowing them to improve their code quality, reducing cost, and risk”.

The update is available as a free upgrade to all licensed customers under active support and maintenance contracts. A 30-day free trial of CodeSonar® 5 is also available at

About GrammaTech:

GrammaTech’s advanced static analysis tools are used by software developers worldwide, spanning a myriad of embedded software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Originally developed within Cornell University, GrammaTech is now a leading research center for software security and a commercial vendor of software-assurance tools and advanced cyber-security solutions. With both static and dynamic analysis tools that analyze source code as well as binary executables, GrammaTech continues to advance the science of superior software analysis, providing technology for developers to produce safer software. For more information, visit or follow us on LinkedIn.

Book a Demo

We’re ready to help you integrate SAST and SCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now