GrammaTech CodeSonar Hybrid Cloud Deployment Model Accelerates Integration of SAST into DevSecOps Processes

New Version of Static Application Security Testing Solution Supports New Tools and Standards that Make it Easier to Develop Safe, Secure and Defect-Free Software

GrammaTech, a leading provider of application security testing products and software research services, announced a new version of its CodeSonar static application security testing (SAST) solution that can be deployed in both on-premises and hybrid cloud models to seamlessly integrate into existing DevSecOps pipelines and facilitate remote team collaboration. GrammaTech CodeSonar 7.0 also includes enhanced support for development tools from Microsoft, Jenkins and GitLab, and additional secure coding standards that enable organizations to further automate code testing and shift security left.

Latest Aithority Insights: AudioCodes Is an Approved Partner for Microsoft’s Operator Connect Accelerator

GrammaTech CodeSonar hybrid cloud deployment model accelerates integration of SAST into DevSecOps processes and supports new tools and standards that make it easier to develop safe, secure and defect-free software

According to Gartner, Inc. “DevSecOps offers a means of effectively integrating security into the development process, eliminating or reducing friction between security and development, and pragmatically achieving a secure, workable software development life cycle (SDLC). The goal is to enable development to move faster without compromising on security and compliance.”¹

Seamless SAST integration for AppDev Pipelines
To provide greater deployment flexibility and efficiency for detecting and fixing errors in code, the CodeSonar Hub can now be hosted in a single-tenant AWS cloud instance to share CodeSonar capabilities and results across geographically distributed teams. This hybrid SaaS deployment model combines on-premises build environments with the CodeSonar Hub hosted on AWS, simplifying administrative tasks such as provisioning new users and instantly scaling up cloud resources to meet changes in code testing demand.

Browse The Complete News About Aithority: Fuel Cycle Selects Canvs AI as Premier Text Analytics Solution on Fuel Cycle Exchange

To further integrate SAST into existing environments and CI/CD pipelines, CodeSonar adds more support for key enterprise IT and development tools to accelerate DevSecOps adoption, including:

• Simplifying CodeSonar user and role management with LDAP, Microsoft Active Directory and single sign on (SSO) services
• Delivering CodeSonar warnings directly in Visual Studio 2022 to more efficiently find and fix issues while coding
• Supporting concurrent builds in Jenkins to make results reporting easier and enable more SAST capabilities in the platform’s workflow
• These integrations expand existing support for GitHub, GitLab, Eclipse, Jira and others.

“Application security testing can no longer be a standalone function that occurs outside of development pipelines due the cost and product delays of testing code after a build is complete,” said Vince Arneja, Chief Product Officer for GrammaTech. “CodeSonar provides advanced code testing and analysis capabilities that can be seamlessly integrated into any development environment including on-premises, hybrid cloud and remote team scenarios – allowing developers to find code defects earlier, efficiently fix them and accelerate the delivery of quality, safe and secure products.”

Read More About Aithority News : Mindtree and Sapiens Announce Partnership to Digitally Transform the Insurance Industry

 [To share your insights with us, please write to sghosh@martechseries.com]