How To Address Digital Supply Chain Vulnerabilities
Most organizations do everything they can to manage third-party risks associated with their vendors, agents, resellers and partners. However, a couple of supply chain components are often left unmanaged: software applications a company purchases for use by its employees and third-party code used in applications created in-house. Until now, the ...
Coming to Security Mandate Near You: SBOMs
The recent executive order will expand what companies must disclose to the government when a data breach occurs. Like the California Consumer Privacy Act (CCPA), these new rules will shield software developers from legal liabilities associated with a breach disclosure ...
SAST and Unit Testing are a Perfect Match: CodeSonar and VectorCAST Integration
VectorCAST is an embedded software testing platform from Vector Informatik that supports the creation and management of test assets to help software developers validate software requirements. VectorCAST measures code coverage with automated regression testing and standards-compliant report generation with execution on host, simulator and embedded target systems. Unit Test ...
GrammaTech Releases CodeSonar 6.0 with Improved Analysis, Visualization, Reporting and Unified Java Analysis
Over the years we have seen our customers “shifting left” to take advantage of building in security versus testing for security later in the lifecycle. As advanced SAST tools such as CodeSonar mature, we see that our customers are interested in three key areas of innovation: Safety and security is ...
GrammaTech Named Top 20 Most Promising Automotive Solution Provider
In the most recent issue of CIO Review, GrammaTech was named one of the Top 20 Most Promising Automotive Solution Providers. The list of companies was selected by a panel of experts and members of CIO Review’s editorial board; GrammaTech’s IoT solutions were selected based on their ability to deliver ...
Recommended Application Security Testing (AST) Techniques
There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription required). Primarily, “application security testing (AST) is a critical practice within the software development life cycle (SDLC) and covers multiple techniques, from early development stages through ...

