Iron Bank

CodeSonar: Iron Bank Approved

Platform One and Iron Bank: Containerized SAST Solution Accelerates DevSecOps Initiative

Platform One provides valuable tooling, hosts CI/CD DevSecOps pipelines, and offers a secure Kubernetes platform for hosting microservices for the U.S. Department of Defense’s DevSecOps initiative. Authorization to go live with new applications can be achieved faster than ever by using Iron Bank hardened containers and Platform One pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (Continuous ATO) provides developers the ability to push validated code into production on an ongoing basis—resulting in shorter development cycles, less debugging, and more rapid feature development.

The addition of GrammaTech’s CodeSonar SAST solution to Platform One and Iron Bank provides DoD developers with a certified, powerful, and automated solution that integrates seamlessly with their workflows to quickly find and remediate defects and vulnerabilities in code before the software is released.

Static Application Security Testing

CodeSonar was designed to implement security early and throughout the software development life cycle, without compromising innovation and time-to-market. CodeSonar delivers deep code analysis and easily integrates with DevSecOps toolchains, methodologies, and processes. As an integral part of the DevSecOps process, CodeSonar enables development teams to develop and release high-quality, safe, and secure software that is free from harmful defects and exploitable weaknesses which can cause critical system failures and security breaches.

CodeSonar is available in Iron Bank and Platform One, as well as through JFAC and directly from GrammaTech.