A Practical Approach to Shifting Security Left

There are two important considerations when adding security to an existing DevOps pipeline. The first is security in code,...

Integrations are Key to Success in DevSecOps for Embedded Development

The term DevSecOps is a contraction of developer, security and operations. Despite the buzzword hype, it does have positive...

GrammaTech Releases CodeSonar 6.0 with Improved Analysis, Visualization, Reporting and Unified Java Analysis

Over the years we have seen our customers “shifting left” to take advantage of building in security versus testing for security...

Multi-language SAST and SCA for Android Platforms and Applications

Android is, for most people, a mobile operating system for their phone or tablet. In fact, it’s an extremely successful open...

What the Building In Security Maturity Model (BSIMM) Says About the Role of SAST and SCA

The BSIMM is an annual study of the real-world software security initiatives – “SSIs” in the report – across the software...