In recent years, third-party code has become an important factor in software development. As a result of outsourcing, the behaviors of significant parts of applications are often hidden from many popular code analysis tools. There is a need for the ability to examine third-party code when you don’t have access to its source code.
Lexington Soft offers the innovative testing tool CodeSonar, from GrammaTech, as a solution to this problem. GrammaTech’s groundbreaking binary code static analysis technology can find bugs and vulnerabilities in binary executables and third-party libraries delivered to you only in binary form. It doesn’t rely on debugging or symbol-table information. With CodeSonar, you can perform a security audit on software without any cooperation from the vendor. You can use CodeSonar on-site, allowing customers to keep their software securely in their own hands.
You can also analyze third-party libraries at the same time as you analyze your own code. Analyzing application source code together with binary code also let’s you understand how the application interacts with the libraries. This yields more true results and fewer false positives.
CodeSonar also provides English explanations about what’s happening in the code at the particular point of a detected error, a great help for those engineers who might not know all of the subtle details of machine code.
CodeSonar’s code visualization feature provides multiple viewing options for visualizing metrics, defects, and sources of input data, allowing you to quickly gain a high-level understanding of what the code looks like.
Want to know if CodeSonar will meet your needs? Lexington Soft will gladly provide a sales demo and proof of concept, conduct product evaluations and even offer you a free trial!