Synopsys Announces First Application Security Testing Solution

By : Krishna Anindyo | Thursday, February 20 2020 - 15:13 IWST

Synopsys, Inc. (Images by PR Newswire)
Synopsys, Inc. (Images by PR Newswire)

INDUSTRY.co.id - Singapore - Synopsys, Inc. Announced that it will release a major update to the Polaris Software Integrity Platform to extend its static application security testing and software composition analysis capabilities to the developer's desktop through the native integration of the Code Sight IDE plugin.

These capabilities, the first of their kind, will enable developers to proactively find and fix both security weaknesses in proprietary code and known vulnerabilities in open source dependencies simultaneously, without leaving their interactive development environment.

"In modern development environments, security testing needs to integrate seamlessly into the developer's workflow, but it also needs to cover both proprietary and third-party code," said Simon King, vice president of solutions at the Synopsys Software Integrity Group.

"By providing real-time SAST and now SCA results together in the IDE, Synopsys enables developers to detect security defects in both their own code and the open source components they leverage - as they build their applications. Developers can fix problems in real time, avoiding the risks and loss of productivity when issues are allowed to go undetected for days, weeks, or even months after they've moved on to other tasks. With this release, the native integration of the Code Sight IDE plugin enables developers to build secure, high-quality software faster."

Building on the Code Sight SAST capabilities first introduced in 2019, this release introduces the ability to analyse declared and transitive open source dependencies, flagging components with known security issues alongside SAST findings in the IDE.

With the new SCA capabilities, developers can review known vulnerabilities of flagged components to verify the risk and determine remediation options, all without leaving the IDE. 

The Code Sight plugin provides vulnerability information from Black Duck Security Advisories, researched by Synopsys, as well as public CVE records from the National Vulnerability Database. 

BDSAs provide developers with more timely, accurate, and thorough risk and remediation information than is available in the NVD, helping them find and fix vulnerabilities faster and more effectively than other solutions. 

The Code Sight plugin also helps developers quickly identify and select the best fix for vulnerabilities by providing detailed remediation guidance, directing them to more secure component versions. Developers can then implement fixes at once, without interrupting their workflow or leaving the IDE.

In addition to vulnerability information, the Code Sight plugin provides other information developers can use to optimise component selection, including open source license risks and potential security and license compliance violations of the organisation's predefined open source policies.

News Comment

Today's Industry

Photo: Aris Nurjani/VOI

Rabu, 28 Februari 2024 - 12:47 WIB

Carsurin and NBRI Strengthen Strategic Alliance to Propel Indonesia’s EV Industry

PT Carsurin Tbk ("Carsurin") and the National Battery Research Institute ("NBRI") are pleased to announce the signing of a pivotal Strategic Alliance Agreement (SAA), marking a significant advancement…

Beras (Foto/Rizki Meirino)

Rabu, 21 Februari 2024 - 08:43 WIB

Gov’t to Continue Disbursing Rice Assistance

President Joko “Jokowi” Widodo has ensured that the Government will continue rolling out the rice assistance program for low-income families. The President made the statement when handing…

Ilustrasi pabrik beras. (Foto: DetikFood)

Rabu, 21 Februari 2024 - 08:40 WIB

Bapanas Head Ensures Availability of Rice Stock Ahead of Ramadan

The National Food Agency (Bapanas) has ensured the availability of rice for the fasting month of Ramadan and Eid al-Fitr 1445 Hijri/2024 CE. “We believe that there is enough rice for the fasting…

Receives Chairman of Jababeka (KIJA), Menpora Dito Ready to Support the Development of Sports SEZs

Rabu, 21 Februari 2024 - 08:23 WIB

Receives Chairman of Jababeka (KIJA), Menpora Dito Ready to Support the Development of Sports SEZs

Chairman of PT Jababeka Tbk (KIJA), Setyono Djuandi Darmono met the Minister of Youth and Sports of the Republic of Indonesia (Menpora RI) Dito Ariotedjo at the Kemenpora RI Office, Senayan,…

The Indonesian Embassy in Cairo Receives Aid for Palestine

Senin, 19 Februari 2024 - 17:39 WIB

The Indonesian Embassy in Cairo Receives Aid for Palestine

The Indonesian Embassy in Cairo welcomes the Radjiman Wedyodiningrat Warship (RJW-992) which arrived at the Al Arish Port, North Sinai Province of Egypt at 8.00 A.M. Cairo local time (13/02).…