Sigrid® | Software Assurance Platform - SIG | Getting software right for a healthier digital world

Your software build quality and security measured, continuously

Sigrid®, our software assurance platform, combines build quality analysis based on ISO 25010 and portfolio-level vulnerability scanning with our unparalleled expertise to enable you to measure, evaluate and monitor your software quality in every stage of the software life cycle – whether you’re buying, building or operating it.

Sigrid pinpoints attention areas within your software portfolio.

Sigrid continuously measures and monitors the build quality of your enterprise software, including security, architecture, maintainability and productivity – and makes these findings and metrics easily accessible to CIOs, architects and developers alike.

With these unique insights, Sigrid surfaces the key factors driving software Total Cost of Ownership and empowers you to make intelligent, fact-based decisions that cut costs, increase security, reduce risks, speed up time to market, and accelerate digital transformation.

Sigrid shows you how the quality of your software portfolio is progressing.

Sigrid | Software Assurance Platform

Benefits

Insight from bit to boardroom

Sigrid provides high-level portfolio overviews of code-level violations as well as deep-dive findings around aspects such as system architecture. Whether it's the CIO or the last developer, all stakeholders get the appropriate insight.

Static Application Security Testing

Sigrid provides portfolio level SAST, that helps your security team and developers to quickly identify vulnerabilities, categorize and prioritize them.

A benchmarked score for your system

The results of your software measurements are compared with those of the 7,000 systems and 60+ billion lines of code in our software analysis database, giving you immediate insight into how your software stacks up against the market.

ISO 25010 Maintainability analysis

Sigrid analyzes source code maintainability according to the international standard for software quality, ISO/IEC 25010:2011. This certified analysis ensures a true reflection of the system maintainability.

Prioritized actions without a flood of violations

Sigrid provides you with a prioritized list of clear actions, not a firehose of findings overloading your developers.

Support for 280+ technologies

From Cobol and PL/SQL via Java and .NET to Outsystems and Mendix, Sigrid supports more than 280 programming languages. That makes it the most comprehensive code quality tool available.

Quality of low-code, visualized

With Sigrid, developers get insights into the quality of their low-code applications in the same way they built them - visually. Not in lines of code from a text-based export. That makes it straightforward and intuitive to interpret results.

Sigrid | Open Source Health

Sigrid’s Open Source Health module provides detailed insight into the state of third party dependencies within your portfolio, allowing you to proactively tackle security risks and copyright issues. This makes Sigrid your platform for Software Composition Analysis (SCA) and Software Bill Of Materials (SBOM) inventories.

Sigrid’s Security module provides identification, classification and prioritization for vulnerabilities in your portfolio. Continuous scanning is performed using industry-leading vulnerability identification technologies. Findings can be prioritized and are summarized per system and at portfolio level.

Sigrid helps you to identify technical debt throughout your landscape, and prioritize which issues should be handled first.

Sigrid | Software Assurance Platform

Modules & Integrations

Continuous Integration

Sigrid CI incorporates direct, immediate feedback into your development pipeline, so your team can be sure that every commit meets the SIG maintainability benchmark. All leading development platforms are supported, including GitHub, GitLab, Bitbucket, Azure DevOps, and Jenkins.

Vulnerability Scanner

Sigrid performs a full security analysis on source code, identifying and prioritizing issues. Our consultants then translate these findings into recommended actions.

Open Source Health

A scan of your open source dependencies for risks around security, license usage, freshness, activity, stability and package manager use. Identified risks are summarized per dependency, giving you actionable insight.

Mendix Application Quality Monitor

A powerful integration with the Mendix Application Quality Monitor to analyze the quality of the code developed in the Mendix low-code environment and identify improvement areas.

Siemens Capital Software Designer

A powerful integration to effectively measure, manage, and control the software deliverables created with Siemens Capital Software Designer.

Sigrid’s Architecture page allows architects to find common anti-patterns and check if the implemented solution adheres to the design.

Let's continue the conversation.

We'd love to chat about how we can help your organization.

Contact us

Clients

Who we help

“The value which SIG brought us by giving us the insights into our code base, and also the advice, is that we are now able to produce and develop a more sustainable platform for the future. Both on the scalability and maintainability.”

Joeri Kamp
VP Everon, EVBox

"Modern banks have become high-end IT companies. Today the "black box“ character of many systems is still dominant, which often causes unexpected and costly problems and also quickly translates into reputation damage. Based on my experience, I can confirm that certification adds great value by making software quality transparent and it creates a neutral understanding and objective basis for improvement."

Sander Veenstra
Principal IT Application Development Expert, ECB

"In the future, we will make more and more use of SIG's quality analysis to guarantee that the software that we use in our data-driven organization is at a sufficient level”

Watch Rijkswaterstaat's story >

Peter den Held
Director of Development, Rijkswaterstaat

Resources