GrammaTech VP Dr. Paul Anderson to Present at embedded world 2021 DIGITAL

Leading Software Expert will Discuss the Role of Application Security Testing and Software Composition Analysis in Protecting the Digital Supply Chain

BETHESDA, Md.--(BUSINESS WIRE)--GrammaTech, a leading provider of application security testing products and software research services, today announced that its VP of Engineering Dr. Paul Anderson will present two sessions at embedded world 2021 DIGITAL, the world’s largest conference on embedded technologies and trends.

WHO:

Dr. Paul Anderson, VP of Engineering at GrammaTech, leads product engineering and is responsible for the company’s full product portfolio. He is an expert in regulatory requirements and best practices for assuring software security and safety. He has served as Principal Investigator for SBIR Phase I and Phase II government research contracts for static analysis of machine code, program understanding and code rewriting. Dr. Anderson is a senior member of the Association for Computing Machinery (ACM).

WHAT:

“Finding the Serious Bugs that Matter with Advanced Static Analysis”
Wed, March 3, 2021 @ 4:15 PM

Embedded software that guides vehicle intelligence systems, ADAS, space exploration and guided missiles must be free from safety defects and security vulnerabilities. In this session, Dr. Anderson will explain why conventional static analysis tools used to ensure compliance with coding standards such as MISRA, OWASP and CERT are unable to detect serious defects. He will discuss the need for binary analysis that can extract deep semantic meaning to find hidden defects and vulnerabilities, and present real-world examples of bugs this approach can detect in production code that has passed style checking, manual review, and testing.

“Finding N-day Security Vulnerabilities in Third-party Software”
Fri., March 5, 2021 @ 2:30 PM

Developers are increasingly turning to commercial off-the-shelf (COTS) components to reduce cost and time to market for new applications and services. This third-party code can introduce n-day vulnerabilities (for which a fix is available but hasn’t been applied) into applications, as happened with the Apache Struts vulnerability and the Equifax breach. Such vulnerabilities are difficult to detect since source code is often unavailable for testing. In this session, Dr. Anderson will explain how new Software Composition Analysis (SCA) tools can identify n-days in binary components. He will go under the hood to discuss how SCA uses sets of identification algorithms and machine learning to produce a software bill of materials (SBOM) and cross-check components against vulnerability databases to assess risk.

WHEN:

Wed, March 3, 2021 @ 4:15 PM - “Finding the Serious Bugs that Matter with Advanced Static Analysis”

Fri., March 5, 2021 @ 2:30 PM - “Finding N-day Security Vulnerabilities in Third-party Software”

WHERE:

embedded world 2021 DIGITAL. The embedded world conference is the world’s largest gathering of embedded experts who discuss key trends, new developments and solutions. Due to Covid-19, this year’s event will be entirely digital and will run from March 1-5, 2021.

HOW:

To register, visit https://www.embedded-world.de/en. To schedule a conversation with Dr. Anderson, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341.

About embedded world 2021 DIGITAL

By experts for experts: The embedded world 2021 DIGITAL is where specialists gather to share knowledge. International exhibitors from around the world will present their products, new developments and solutions on the Internet-of-Things, hardware, software and systems engineering, safety and security, system-on-chip design, embedded vision, human-machine interaction, wired and wireless data transfer and autonomous systems. For more information, visit the conference website at https://www.embedded-world.de/en, and follow on Twitter, LinkedIn, and Facebook. Use hashtags #ew21 and #ew21DIGITAL.

About GrammaTech

GrammaTech is a leading global provider of application security testing (AST) solutions used by the world's most security-conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda, MD, with a Research and Development Center in Ithaca, NY. Visit us at https://www.grammatech.com/, and follow us on LinkedIn and Twitter.
CodeSonar® is a registered trademark of GrammaTech, Inc.

Contacts

Media:
Marc Gendron
Marc Gendron PR for GrammaTech
781.237.0341
marc@mgpr.net
