GrammaTech CodeSentry 3.0 improves software supply chain security
Help Net Security
GrammaTech announced a new version of its CodeSentry software supply chain security platform, which enables organizations to produce a software bill of materials (SBOM).
CodeSentry enables organizations to proactively detect and address risks in commercial off-the-shelf (COTS) applications and third-party software, and allows development teams to assure they are delivering secure and compliant software. With the integration of VulnDB from Risk Based Security, a Flashpoint company, CodeSentry version 3.0 now provides enhanced intelligence, visibility and remediation information for vulnerabilities present in open source components as well as license information that it detects by automating binary scanning.
Since source code is rarely available for purchased applications and third-party code, binary analysis is the only alternative for extracting an SBOM to identify open source components and security vulnerabilities they may contain. Offered as a SaaS or on-premises solution, CodeSentry completely automates this process, providing a foundation for improving software supply chain security.
Link: https://www.helpnetsecurity.com/2022/01/20/grammatech-codesentry-3-0/