CodeSonar for Binaries from GrammaTech, Inc. is a static-analysis tool for analyzing binary libraries and executables that enables users to examine software for security vulnerabilities and malicious code without the need for source code. Because the technology does not rely on debug or symbol-table information, it can examine the stripped executables normally shipped by software vendors.
CodeSonar for binaries identifies security vulnerabilities in third-party executables, enabling better Supply Chain Risk Management (SCRM). As a result, users can use CodeSonar for Binaries to perform a security analysis on software without any cooperation from the vendor.
The analysis engine is the result of a 10-year collaboration between GrammaTech and the University of Wisconsin-Madison, involving 21 experts in program analysis and $15 million in research and development (R&D). As GrammaTech increased its R&D spending, several key researchers at the University of Wisconsin joined the company. The innovative technology has received prestigious awards at Computer Science conferences.