Julia Static Analyzer
GrammaTech Acquires JuliaSoft to Expand Reach of CodeSonar® SAST Platform to Java and C#
(Bethesda (MD)/USA, 22 July 2020) GrammaTech announced that it has acquired the intellectual property and assets of JuliaSoft S.r.l. (Italy) to extend its CodeSonar Static Application Security Testing (SAST) platform with automated code analysis for Java and C# code.
To provide customers with an integrated solution for reliably detecting security vulnerabilities and other defects in their embedded applications, the Julia Static Analyzer will be unified into the CodeSonar® platform. This will enable developers to perform static analysis of C, C++, Java and C# code and develop secure applications faster. The new language support extends automated detection of software vulnerabilities to enterprise use cases where safety and security are indispensable.
The Julia products will immediately extend CodeSonar’s market reach and differentiation by further expanding its depth and breadth whether the use case is achieving code checking, code quality, code security or adhering to coding standards.
Julia Static Analyzer is best in class for finding defects and security vulnerabilities in C#, Java and Android applications (for the C and C++ languages, please have a look at GrammaTech CodeSonar). By using Julia Static Analyzer, you reduce development and maintenance costs and eliminate risks related to security vulnerabilities and privacy leaks. The powerful analysis technology ensures maximum precision of results. With advanced dashboarding you can flexibly transform the data into useful information for the different stakeholders.
Julia is a next-generation static analyzer, particularly accurate in identifying security vulnerabilities in Java, .NET and Android applications. Based on a scientific method, Julia is able to find what the other analysis tools miss, as demonstrated by the OWASP Benchmark results.
Scientific method guarantees unrivaled precision
Julia is an extremely efficient static analyzer for Java, Android and .NET. The accuracy of the tool is made possible by an innovative technology based on the scientific method of abstract interpretation. Julia reconstructs the program graph and examines all the possible execution paths, thus being able to identify ALL the errors it is looking for. The tool analyzes bytecode, which makes it possible to verify proprietary code or third-party applications. It helps you to correct errors: the user can consult the individual warnings directly on the line of code, and categorize the results according to their context and based on the type and severity of the error.
A wide Range of Checkers to identify Bugs, Vulnerabilities and Inefficiencies
Julia's checkers (analysis modules) cover a wide range of errors and problems:
Conditions that may have a serious impact during execution are checked. Checks include null pointer errors, the risk of non-terminating code, the correct implementation of comparison among objects, the correct management of exceptional situations, the consistency of concurrent access to data, and many more.
Identification of data flows that lead to what are considered the most dangerous programming errors, such as cross-site scripting, SQL injection and HTTP response splitting.
Julia reports the potential causes of inefficiency like situations where the garbage collector is overloaded, unnecessary comparisons among objects, the creation of redundant objects, and unnecessary writing in memory.
Julia suggests improvements of code writing, in the choice of variable names, for the simplification of syntactical expressions. As the checkers are independent from each other, they can be freely included in the analysis.
Detailed Warnings and Suggestions for the Correction of Defects
Julia helps the programmer and the team leader in problem solving, at decision making and implementation level. The checkers generate a detailed list of warnings, that is evidence of errors, with suggestions for solutions that can be controlled and implemented by the programmer.
Warnings are categorised to express their seriousness and reliability, so that the correction of the code can be guided by corporate priorities. A PDF report, generated automatically at the end of each analysis, offers a qualitative and quantitative view of the results with graphical elements adapted for quick and easy consultation at executive level.
The dashboard shows the history and the statistics of the analyses carried out. The administration and the configuration of the users are delivered via a web interface of the analysis server.
Local server or cloud: the analysis is carried out using a plugin on a remote server that can be installed on-premises or delivered as a cloud service.
More detailed information is available from the JuliaSoft website.