PR.com: Business Directory, Press Releases, Jobs, Products, Services, Articles
 
Businesses Articles Press Releases Follow @PRcom
Press Release Pricing | News by Category | News by Country | News by US Region | Recent News | PR.com News on Your Site
 

Press Releases

 
GrammaTech, Inc

Press Release


Receive press releases from GrammaTech, Inc: By Email RSS Feeds:

GrammaTech Announces First Fully Compatible Static-Analysis Tool for MITRE’s Common Weakness Enumeration Security Standard


San Jose, CA, March 19, 2008 --(PR.com)-- GrammaTech, Inc., a leading provider of source-code analysis tools, declared today that CodeSonar Enterprise is the first static-analysis tool that is compatible with all aspects of MITRE’s Common Weakness Enumeration (CWE) standard. CodeSonar has now entered CWE’s Evaluation Phase, after which CWE compatibility will become official.

CWE, developed by the MITRE Corporation under the sponsorship of the National Cyber Security Division of the Department of Homeland Security, provides a standard language for describing software security weaknesses. Standard terminology makes it easier for organizations to identify, understand and eliminate the myriad of security weaknesses that can occur in software.

"Leveraging efforts on this topic from academia, the commercial sector, and government, CWE unites the most valuable breadth and depth of content and structure to serve as a unified standard. Our objective is to help shape the code security assessment industry and also dramatically accelerate the use and utility of software assurance capabilities for organizations in reviewing the software systems they acquire or develop," said Robert Martin, CWE project leader.

“GrammaTech’s CodeSonar is a static analysis tool for identifying programming flaws and security vulnerabilities in code. CWE is an important and valuable initiative that will help CodeSonar users understand the state of their code more effectively. GrammaTech is pleased to participate in this effort and proud to be the first vendor to offer a static-analysis tool that is compatible in all aspects,” said Paul Anderson, VP of Engineering at GrammaTech.

Software acquirers want assurance that the software products they are obtaining are reviewed for known types of security flaws, and the acquisition groups in large government and private organizations are moving forward to use these types of reviews as part of future contracts. However, the tools and services that can be used for this type of review are new at best and there is no nomenclature, taxonomies, or standards to define the capabilities and coverage of these tools and services. This makes it difficult to comparatively decide which tool/service is best suited for a particular job. What is needed is a standard list and classification of software security weaknesses to serve as a unifying language of discourse and a measuring stick for tools and services. CWE was created specifically to address these problems. More information about CWE can be found at http://cwe.mitre.org/about/index.html.

About GrammaTech
GrammaTech’s static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions and government agencies. The staff includes ten PhD-level experts in programming languages and program analysis. The company has offices in Ithaca, New York, and San Jose, California. More information about GrammaTech can be found at www.grammatech.com.

GrammaTech and CodeSonar are trademarks of GrammaTech, Inc. All other trademarks are property of their respective companies.

The URL for this release is located at: http://www.grammatech.com/news/2008/releases/03-18-08.html

###
Contact Information
GrammaTech, Inc
Barbara Stewart
480-488-6909
Contact
www.grammatech.com

Click here to view the list of recent Press Releases from GrammaTech, Inc
Promote Your Business