Application security testing company GrammaTech and AppSecOps company ArmorCode have announced a technology integration partnership geared at helping users automate product security across development, testing, feedback, and deployment.
With the GrammaTech CodeSonar static application security testing (SAST) platform, ArmorCode users gain improved safety and security vulnerability intelligence for integrating application security capabilities into CI/CD pipelines.
“Unifying application security tools and intelligence to orchestrate operations across developer pipelines is central to preventing safety and security vulnerabilities from reaching market ready products,” said Katie Norton, senior research analyst of DevOps and DevSecOps at IDC. “Together, GrammaTech CodeSonar and ArmorCode can enable customers to automate end-to-end DevSecOps workflows instead of stitching together often siloed processes.”
According to the companies, this integration provides users with a centralized, 360 degree view of vulnerabilities in the CI/CD pipeline and orders them by priority level for remediation.
This is intended to help companies apply DevSecOps practices to span physically distributed development environments and comply with standards based coding practices such as MISRA for automotive products.
Furthermore, ArmorCode’s AppSecOps platform works to unify vulnerability management to cut back on response time for the detection and remediation and the disruption of the software release cycle.
“As organizations across industries adopt DevSecOps to accelerate the delivery of software, the number of security vulnerabilities have increased exponentially. Furthermore, the security teams responsible for protecting the business are struggling to manage the risk and to keep pace with the speed of delivery,” said Mark Lambert, chief product officer at ArmorCode. “This integration between GrammaTech CodeSonar and ArmorCode delivers the visibility and workflow automation these teams need to ship secure software and ship it fast.”