GrammaTech and Osterman Research to Present Findings from Software Supply Chain Security Study

Webinar Will Reveal Hidden Attack Vectors in Commonly Used Commercial Off-the-Shelf Software Applications

BETHESDA, Md.–(BUSINESS WIRE)–GrammaTech, a leading provider of application security testing products and software research services, today announced it will host a free webinar on September 15, 2021, entitled "Exposing Software Supply Chain Security Blind Spots," featuring Michael Sampson, Senior Analyst, Osterman Research.


Michael Sampson, Senior Analyst, Osterman Research

Vince Arneja, Chief Product Officer, GrammaTech




It has long been suspected that commercial off-the-shelf (COTS) software applications represent a security blind spot for organizations. They are typically deployed without knowing what components are present and whether any vulnerabilities exist. Without this visibility, organizations rely on defensive measures to react to attacks or breaches. A recent Osterman Research study investigated security vulnerabilities in widely used COTS applications – the main backbone of an organization’s software supply chain. This webinar will present the findings of the research and discuss how organizations can take a more proactive approach to addressing software supply chain security risks. Attendees will learn:




• Why vulnerable components in COTS software applications pose an often unknown security threat


• Which software categories (web browsers, email, file sharing, online meetings and messaging) contained vulnerable open-source components


• Which application categories are the most vulnerable and what risks they pose


• How to proactively reduce the attack surface in COTS applications




September 15 at 2:00 pm EDT




This webinar is accessible online with confirmed registration.




To register, visit To schedule a conversation with Vince Arneja, contact Marc Gendron at or +1 617.877.7480.

About GrammaTech

GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security-conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda, MD, a Research and Development Center in Ithaca, NY, and publishes Shift Left Academy, an educational resource for software developers. Visit us at, and follow us on LinkedIn and Twitter.

CodeSonar® and CodeSentry® are registered trademarks of GrammaTech, Inc.


Media Contact:

Marc Gendron

Marc Gendron PR for GrammaTech