GrammaTech Provides Static Application Security Testing (SAST) for DoD Platform One

Containerized, Hardened Version of CodeSonar^Ⓡ Product is Available in DoD-approved Iron Bank DevSecOps Tools Repository

GrammaTech, a leading provider of application security testing products and software research services, today announced that its CodeSonar^Ⓡ SAST product has been accepted into the U.S. Department of Defense’s (DoD) “Iron Bank” repository and is now available through the U.S. Air Force Platform One application portal. GrammaTech CodeSonar is accessible to all DoD agencies in the form of a digitally signed, hardened binary container image for integration into DevSecOps pipelines.

@GrammaTech provides static application security testing for DoD Platform One. Containerized, hardened version of CodeSonar product is available in Iron Bank DevSecOps Tools Repository

 

“The modern battlefield requires secure software from endpoints such as radios, missiles, airplanes and tanks all the way through the network to the Command and Control (C2) of decision makers, wherever that may be. The DoD needs best-in-class solutions and processes to build and deploy this software,” said Nicolas Chaillan, Chief Software Officer, U.S. Air Force and Co-Lead for the DoD Enterprise DevSecOps Initiative. “GrammaTech CodeSonar has been a great solution to have within the Department of Defense. Having CodeSonar as a hardened container available in Iron Bank and Platform One will be invaluable in accelerating the shift to DevSecOps DoD-wide.”

Recommended AI News: Anari AI Raises $2 Million to Rebuild the AI Hardware Industry Through Personalized Cloud Chips

Platform One provides valuable tooling, hosts CI/CD DevSecOps pipelines, and offers a secure Kubernetes platform for hosting microservices. Authorization to go live with new applications can be achieved faster than ever by using Iron Bank hardened containers and Platform One pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (Continuous ATO) provides developers the ability to push validated code into production on an ongoing basis. This results in shorter development cycles, less debugging, and more rapid feature development.

Recommended AI News: West Ham United to Advance Partner Services With KORE Software

“GrammaTech has a long history of conducting software security research and providing security testing products for the DoD as well as other civil, defense, and intelligence agencies,” said Mike Dager, CEO of GrammaTech. “The addition of CodeSonar to Platform One provides DoD developers with a certified, powerful and automated solution that integrates seamlessly with their workflows to quickly find and remediate vulnerabilities in code before software is released.”

The CodeSonar platform was designed to implement security early and throughout the software development life cycle, without compromising innovation and time-to-market. CodeSonar integrates easily with toolchains, methodologies and processes, allowing organizations to develop and release high quality and secure software that is free from harmful defects and exploitable weaknesses which can cause system failures and security breaches.

Recommended AI News: NEC Develops Multilingual Speech Translation System ‘DokoMinaPhone’