GrammaTech Partners with ArmorCode to Deliver Vulnerability Management Orchestration Across Development Pipelines
GrammaTech CodeSonar and ArmorCode combine application vulnerability intelligence with AppSecOps workflows for end-to-end product security automation
GrammaTech, a leading provider of application security testing products and software research services, and ArmorCode, the leader in AppSecOps, announced a technology integration partnership to help customers automate product security across development, testing, feedback and deployment. The GrammaTech CodeSonar® SAST (static application security testing) platform provides deep safety and security vulnerability intelligence to ArmorCode for orchestrating application security operations within CI/CD pipelines.
AiThority Interview Insights: AiThority Interview with Vova Kyrychenko, CTO at Xenoss
.@GrammaTech Partners with ArmorCode to deliver vulnerability management orchestration across development pipelines. Companies combine application vulnerability intelligence with AppSecOps workflows for end-to-end product security
The companies are collaborating to offer integrated solutions for ensuring the safety and security of mission-critical automotive, aerospace, enterprise, and industrial products. GrammaTech will demonstrate its CodeSonar and CodeSentry SBOM products at RSA Conference 2023 at Booth 5300 in the North Expo, while ArmorCode will be in the Early Stage Expo South Level 2, Booth ESE-10.
“Unifying application security tools and intelligence to orchestrate operations across developer pipelines is central to preventing safety and security vulnerabilities from reaching market ready products,” said Katie Norton, Senior Research Analyst, DevOps & DevSecOps, IDC. “Together, GrammaTech CodeSonar and ArmorCode can enable customers to automate end-to-end DevSecOps workflows instead of stitching together often siloed processes.”
The integration of ArmorCode and CodeSonar provides customers a centralized 360 degree view of vulnerabilities in CI/CD pipelines and prioritizes them for resolution, which is essential for implementing DevSecOps across physically distributed development environments and for satisfying standards based coding practices such as MISRA for automotive products.
“As organizations across industries adopt DevSecOps to accelerate the delivery of software, the number of security vulnerabilities have increased exponentially. Furthermore, the security teams responsible for protecting the business are struggling to manage the risk and to keep pace with the speed of delivery,” said Mark Lambert, Chief Product Officer for ArmorCode. “This integration between GrammaTech CodeSonar and ArmorCode delivers the visibility and workflow automation these teams need to ship secure software and ship it fast.”
“Identifying and remediating security vulnerabilities in complex development environments that span multiple geographies can be challenging due to siloed data and workflows, which can lead to product delays or worse,” said Vince Arneja, Chief Product Officer for GrammaTech. “Together, CodeSonar and ArmorCode deliver deep visibility into vulnerabilities and automated orchestration capabilities to help customers improve the security of their code, while delivering safer products to market faster.”
Read More about AiThority Interview: AiThority Interview with Ahmad Al Khatib, CEO and Founder at Qudo
The ArmorCode AppSecOps platform unifies vulnerability management to reduce the detection and remediation response time for security risks and minimize the disruption of software release schedules. It centralizes findings and remediations from hundreds of application, infrastructure, and cloud security tools; normalizes, de-dupes, correlates, and prioritizes data; automates critical vulnerability management workflows; and provides developers the information they need to quickly remediate problems.
CodeSonar’s SAST analysis supports all leading product development languages (C, C++, C# and Java) in one unified platform. The platform supports the validation of coding standards and best practices including MISRA, JPL, CERT-C and static verification using formal method concepts to find defects including runtime errors, buffer overruns, API misuse, misuse of socket API, suspicious behavior, dead code and unused variables. It finds defects that impact software quality and security, and scales to meet the most rigorous real-world requirements, programs and processes.
Latest AiThority Interview Insights : AiThority Interview with Brad Anderson, President of Product and Engineering at Qualtrics
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.