CodeSentry: On-Premise System Requirements & Supported File Formats

Overview

CodeSentry is built as a SaaS hosted solution but can be installed locally within your own domain if required. The on-premise installation uses Replicated and consequently the operating system and hardware requirements for CodeSentry are closely related to those for Replicated as described below. 

This information is applicable to CodeSentry version 4.0 and above.

Platform Support

It is important to note that CodeSentry can only be installed on Linux systems.

Linux Distribution Version
Amazon Linux 2
Centos 7.2, 7.9, 8.0-8.4
Debian 9, 10
openSuse 12-SP2 to 12-SP5
Red Hat Enterprise 7.4-7.9, 8.0-8.4
Suse Enterprise 12-SP2 to 12-SP5
Ubuntu 18.04, 20.04

 

Hardware

Hardware requirements are specific to the workload running in the cluster but the following guidelines are recommended to support bare cluster installations.

Role Memory CPU Disk
master 128GB

Intel Xeon® Platinum 8175M processors with Advanced Vector Extension (AVX-512) instruction set (or better).

40 virtual cores

High-IOPS, low latency disks are required (SSD, non-NFS).

7.5TB
node 32GB 8 virtual cores 1.5TB

 

Performance

Typical performance, noted as number of targets scanned per hour, is calculated by scanning a variety of typical software packages. CodeSentry is capable of the following performance, depending upon hardware settings.

Hardware settings Performance
Minimum

up to 2500 targets per hour

Recommended

up to 4600 targets per hour

 

Supported File Formats

Analyzable File Type (mime type)
Typical File Extension

N-Day Shallow

Zero-Day Shallow N-Day Deep
Zero-Day Deep

Android Dex

.dex Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png

Android ODex

.odex Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png

Java Archive
(application/zip)

.jar Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Java Class File .class Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Javascript files .js Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Javascript packages .npm Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Linux executable
(application/x-executable)
none Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
Linux executable
(application/x-pie-executable)
none Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
Linux kernel none Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Linux kernel module none Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Linux shared library
(application/x-sharedlib)
.so Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
Linux Object File (application/x-object) .o Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
MacOS executable or library
(application/x-mach-binary)
none Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
Python files .py Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Python packages .whl, .python Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Windows dynamic linked library
(application/x-dosexec)
.dll Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
Windows object file .obj Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png
Windows executable
(application/x-dosexec)
.exe Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.09.50_PM.png
Firmware files various Screen_Shot_2022-01-24_at_12.09.50_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png Screen_Shot_2022-01-24_at_12.10.04_PM.png

 

Archive File Type Required File Extension
AR .a, .ar, .deb, .lib
arj .arj
bzip2 .bz2, .tbz, .tbz2
Cab .cab, .msu
Compound types .msi, .msp
Cpio .cpio
cramfs .cramfs
Docker container .tar.gz
Ext2 .ext2
Ext3 .ext3
Ext4 .ext4
FAT .fat
Gzip .gz, .gzip, ,tgz
Iso .iso
lrzip .lrz
lzip .lz
lzma .lzma
lzop .lzo
MacOS Installer .dmg (HFS/HFS+only)
MBR .mbr
Pax .pax
QNX .ima
Rar .rar
Rpm .rpm
rzip .rz
Squash FS .sqsh
Tar .tar, .ova
upx .upx
VMDK .vmdk
Xar .xar, .pkg
Xz .xz, .txz
ZIP .zip, .ipa, .xpi, .vsix, .whl, .apk
7z .7z

 

Supported Firmware Formats

The following formats are supported

  • File Formats
    • SREC
    • bFLT
    • base64
    • Intel HEX
    • uBoot
    • wim
  • File Systems
    • JFFS2 (.img and .jffs2)
    • romfs
    • yaffs2
    • ubifs

Other Information

The following addition information can be found in the CodeSentry datasheet

  • Software Bill of Materials (SBOM) Output
  • Vulnerabilities and Checks Performed
  • Security Attributes
Was this article helpful?
3 out of 3 found this helpful

Articles in this section

GrammaTech Resource Library
Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.
Shift Left Academy
Shift Left Academy is an educational resource to help implement a security first approach. Shift Left focuses on finding and preventing defects and security vulnerabilities early in the software development process
Blog
Posts by topic including static analysis, software assurance, and binary analysis