Featured Webinar: Unveiling Parasoft C/C++test CT for Continuous Testing & Compliance Excellence | Watch Now


DoD Approves Parasoft Static Application Security Testing (SAST) Container for DevSecOps Deployment


Parasoft Helps DoD Formalize DevSecOps Initiatives & Deliver Assured Software Security at Speed

Monrovia, CA, — October 13, 2021 — Parasoft, a global leader in automated software testing for over 30 years, today announced Parasoft C/C++test, the static application security testing (SAST) tool, has been containerized and pre-approved for use by the Department of Defense (DoD) and other key federal agencies. The Parasoft SAST container is available for download from the Iron Bank repository.

Iron Bank is a U.S. Air Force project designed to formalize DevSecOps across DoD software programs. It’s a repository of hardened containers that are digitally signed and available through U.S. Air Force Platform One to deliver secure software development. Read the Parasoft blog to learn more.

Formalizing DevSecOps will help bring DoD software programs a step closer to building a robust continuous ATO process for deploying software confidently that meets DoD security and compliance standards. This breakthrough will allow DoD to keep pace with the modern battlefield that’s increasingly becoming powered by software. Accelerating software delivery with a more streamlined approach to the ATO process is invaluable in helping DoD deliver assured software security at speed. Parasoft C/C++test solution is positioned to help DoD meet the growing need to deliver software without sacrificing speed or security.

The formalization of DevSecOps in DoD enables innovation and faster deployment times to keep pace with the growing demands of the modern battlefield without sacrificing quality and security. Protecting mission-critical software applications is a priority and it starts with software security. Parasoft realizes the importance of protecting DoD’s mission-critical systems and has invested significant resources to ensure its containerized solutions meet DoD security standards and best practices. Notably, Lockheed Martin, in addition to the F-35 Joint Program Office (JPO), has formalized the Parasoft SAST solution as part of its software testing process for quality and security.

“The DoD Enterprise DevSecOps Initiative with Platform One and Iron Bank is innovating and modernizing software development for the Department of Defense software programs. Lowering the bar for software programs to formalize automated security testing in development workflows is a great way to accelerate software deployment without sacrificing security and compliance,” said Kevin E. Greene, director of security solutions at Parasoft. “We’re thrilled to be a key enabler in helping DoD deploy software more confidently to meet their mission needs.”

With recent attacks targeting the software supply chain, Parasoft realizes the importance of hardening and securing the toolchain to mitigate software integrity issues. To provide full support to DoD’s DevSecOps mission-critical pipelines, Parasoft will push into Iron Bank its entire automated testing solution suite, which focuses on early coding and testing along with system functional testing, including API testing, load/performance testing, and system end-to-end testing.

About Parasoft

Parasoft helps organizations continuously deliver quality software with its market-proven, integrated suite of automated software testing tools. Supporting the embedded, enterprise, and IoT markets, Parasoft’s technologies reduce the time, effort, and cost of delivering secure, reliable, and compliant software by integrating everything from deep code analysis and unit testing to web UI and API testing, plus service virtualization and complete code coverage, into the delivery pipeline. Bringing all this together, Parasoft’s award-winning reporting and analytics dashboard delivers a centralized view of quality enabling organizations to deliver with confidence and succeed in today’s most strategic ecosystems and development initiatives—security, safety-critical, Agile, DevOps, and continuous testing.

# # #

Press Contacts

For US inquiries:

Erika Delgado


+1 626 275 2434

For EMEA inquiries:

Beate Lorenzoni


+49 8122 559170