GrammaTech Continues to Expand Footprint in Application Security Testing Market

Posted on


Emergence of Product Security as a Top Priority for Suppliers and Consumers of Software/Hardware Fueled Market Adoption for Testing Solutions

BETHESDA, Md., Jan. 26, 2023 — GrammaTech, a leading provider of application security testing products and software research services, today announced its continued growth in the application security testing (AST) market and DoD cyber security services. Market demand and adoption for the company’s testing tools was fueled by several high profile software supply chain incidents, as well as the President’s Executive Order on Improving the Nation’s Cybersecurity, and the Office of Management and Budget’s guidance for Federal agencies on software cybersecurity.

Customers signed multi-year contracts to embed the company’s static application security testing (SAST) tools into their development pipelines in order to implement security earlier in their product development processes (also known as Shift Left). Another major business driver for the CodeSentry offering is the anticipated requirement that software and hardware vendors will be expected to provide and maintain for the federal government and commercial customers a software bill of materials (SBOM) to protect against supply chain vulnerabilities embedded in product code like the Log4j flaw. Finally, organizations are acquiring technology to extract their own SBOMs in order to proactively manage risk associated with third party and open source vulnerabilities associated with commercial software products they use.  

GrammaTech’s focus on customer satisfaction, acquisition and retention in key markets including the global automotive, aerospace and industrial controls sectors resulted in the company achieving an NPS (Net Promoter Score) in the 95th percentile for enterprise software companies. This extremely high customer experience score is based on organizations implementing GrammaTech’s products across their software development life cycles which often spans geographically dispersed sites.

“GrammaTech bookings for both our products business and government research division remained strong,” said Mike Dager, CEO of GrammaTech. “Concerns among software and hardware vendors over product security, especially code vulnerabilities introduced by third party and open source components, served as a lightning rod for the market in 2022. As did the president’s executive order and OMB memo.”


GrammaTech Business Highlights

  • Company increased revenue for CodeSonar and CodeSentry at a faster rate than the overall AST market
  • Launched v3.0 and v4.0 of the CodeSentry software supply chain security platform that uses SBOMs to prevent the exploitation open-source vulnerabilities in purchased or third party software
  • Launched v7.0 of CodeSonar, which developers use to build safer and more secure code without disrupting their workflows, and introduced a Hybrid Cloud deployment option
  • Introduced the first annual Product Security Executive (PSE) of the Year Awards competition that recognizes individuals whose contributions have delivered advancements in security for embedded or commercial software products.
  • Received several industry accolades, including CodeSentry being named Best SBOM in the 2022 ASTORS by American Security Today, and Editor’s Choice winner for Software Supply Chain Security in the Cyber Defense Magazine’s Global Infosec Awards.
  • Secured several new government research contracts including DAPRA Lifting Legacy Code (LiLaC) Phase 2 Program, Army C5ISR and Air Force Phase I SBIR Program
  • Signed several Government research contract extensions with the Office of Naval Research, US Cyber Command, and the Maryland Procurement Office.
  • Added Tom van Gorder as Chief Revenue Officer, Dan Goodwin as General Manager of GrammaTech Research, and Tom Burns, former Director, Strategic Technology Office for the Defense Advanced Research Projects Agency (DARPA) as a new board director.


About GrammaTech

GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers. Visit us at, and follow us on LinkedIn and Twitter.  

Related Posts

Check out all of GrammaTech’s resources and stay informed.

view all posts

Contact Us

Get a personally guided tour of our solution offerings. 

Contact US