GrammaTech Announces GitLab Partnership for CodeSonar SAST Product

Posted on


Integration Adds Built-in Shift Left Capabilities to the GitLab CI/CD Pipeline for Transparent DevSecOps


BETHESDA, Md.–()–GrammaTech, a leading provider of application security testing products and software research services, today announced a technology partnership with GitLab, the single application for the DevOps lifecycle. As part of the alliance, the GrammaTech CodeSonar® Static Application Security Testing (SAST) product is now integrated with GitLab’s Ultimate DevSecOps platform allowing customers to implement code analysis early and directly within CI/CD pipelines.

Development teams are under constant pressure to meet aggressive deadlines for delivering new software, with rolling releases and agile development practices that are pushing new features and code quickly into production. GrammaTech CodeSonar® is designed to shift security left in DevSecOps by detecting and eliminating bugs and vulnerabilities at the earliest stages of the development cycle. The integration of CodeSonar with GitLab enables organizations to develop and release high quality and secure software that is free from harmful defects and exploitable weaknesses which can cause system failures, enable data breaches and increase liability.

“Through this strategic partnership and integration, GrammaTech CodeSonar and its unique static application security testing capabilities are now natively available to development teams from within the GitLab CI/CD pipeline,” said Vince Arneja, Chief Product Officer at GrammaTech. “This enables security to move seamlessly from testing into development workflows, allowing enterprises to transform secure coding and accelerate software delivery.”

“GitLab is pleased to welcome GrammaTech as a strategic partner,” said Michelle Hodges, VP – Global Channels at GitLab. “The company’s enterprise SAST expertise and CodeSonar product are a natural fit for our customers in the automotive, IoT and aerospace sectors.”

The GrammaTech module for GitLab provides native SAST capabilities that scan code for defects within CI/CD pipelines, and eliminates the need for any integration and maintenance by users. It enables customers to assess code continuously, avoiding costly mistakes and rework associated with waiting until the testing phase to scan for security problems.


CodeSonar SAST GitLab Integration is available immediately from GrammaTech and its business partners worldwide. For more information visit

About GrammaTech

GrammaTech is a leading global provider of application testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD with a Research and Development Center in Ithaca NY. Visit us at, and follow us on LinkedIn and Twitter.

CodeSonar® is a registered trademark of GrammaTech, Inc.

Interested in learning more? Check out our CodeSentry SCA product page for additional details.


Related Posts

Check out all of GrammaTech’s resources and stay informed.

view all posts

Contact Us

Get a personally guided tour of our solution offerings. 

Contact US