GrammaTech Releases CodeSonar 5, Now With Support for C# and .NET

GrammaTech, a leading provider of software assurance tools and cybersecurity solutions announced the release of CodeSonar 5 this week, its latest tool in advancing static analysis. The latest release now adds support for C# and .NET with the existing support for C, C++, and Java. The company calls it “the next step in usability and extensibility for users of static analysis”.

CodeSonar 5, while covering most of the popular programming languages for safety and security critical industries such as automotive, industrial, medical, consumer electronics as well aerospace and defense, now also has an improved support for the Visual Studio IDE. The company uses open standards where possible and adds support for SARIF, which allows for the integration with other compatible tools like the Microsoft Visual Studio Code.

Source: CodeSonar 

"This release is a nice combination of breadth and depth. The integrations with other tools extend the scope of CodeSonar, and we continue to innovate with new techniques for finding serious coding defects in software," said Paul Anderson, VP of Engineering at GrammaTech, "Developers like the usability that CodeSonar combines with deep static analysis, allowing them to improve their code quality, reducing cost, and risk."

Moreover, the whole program static analysis engine within CodeSonar now has a copy-paste error checker that has already proven its use in finding several serious problems in popular open source programs such as postgres, ffmpeg, the Linux kernel, Open Office and the Chrome browser.


CodeSonar 5 enhances the static analysis tool's binary analysis capabilities with a built-in C Decompiler which enables security engineers to understand warnings easier and assess their impact by scoring them with rankings such as the CVSS (Common Vulnerability Scoring System).

Several other improvements have also been stated in the official blog post.

The update is now available as a free upgrade to existing customers and a 30-day free trial can be availed by people interested here.