MOUNTAIN VIEW, Calif., Jan. 15, 2019 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced the availability of a new version of its Coverity® static application security testing (SAST) solution, which enables organizations to build secure
applications faster. The latest release of Coverity addresses three increasingly important needs for enterprise application
security teams: scalability, broad language and framework support, and comprehensive vulnerability analysis.
"While application vulnerabilities continue to be the most common vector for cyberattacks, organizations are expanding their
application portfolios and relying heavily on software to perform critical business functions and deliver customer value," said
Andreas Kuehlmann, co-general manager of the Synopsys Software Integrity Group. "This means
enterprise application security teams need to be able to assess their growing and increasingly diverse application inventories
for vulnerabilities, while minimizing impact to their development velocity and business operations. The latest Coverity release
enables security teams to do just that by extending our world-class static analysis technology to a wider range of applications
and making it easier than ever to implement and scale across large application portfolios."
Scalable SAST for enterprise security teams
Coverity enables enterprise organizations to scale their SAST efforts across large application portfolios. The latest Coverity
solution now includes a feature called 'analysis without build' that allows security teams to onboard and analyze thousands of
applications quickly and easily. Security teams can now simply point Coverity to a source code project and begin analyzing in
seconds, without first having to do a full build operation for each application. Unlike other SAST solutions, Coverity
automatically detects project types and fetches the dependencies that would normally be incorporated in the build process. Use of
this new feature ensures comprehensive analysis and eliminates the need to manually declare dependencies.
Broad language and framework support
The ecosystem of programming languages and frameworks used to build applications is expanding, and SAST tools need to
understand how each one works in order to be effective. To address the needs of enterprise organizations with diverse application
portfolios, Synopsys has significantly expanded Coverity's language and framework coverage. The latest Coverity release introduces support for TypeScript,
.NET Core, Swift 4.1, and Ruby on Rails, as well as more than 50 different frameworks for Java, JavaScript, C#, including
Angular, React, and Vue.
Comprehensive vulnerability analysis
The Coverity analysis engine utilizes a variety of techniques to look at code in different ways and find the most actionable
and critical security vulnerabilities. In response to the growing popularity of frameworks, the latest Coverity release includes
dramatically improved framework analysis, which allows customers to more accurately detect client-side and back-end web services
vulnerabilities. Coverity can also now analyze JavaScript framework templates, which are a popular means of client-side data
binding. Coverity can now scan the HTML generated on the fly from such templates to find additional cross-site scripting
vulnerabilities.
Click to learn more about Coverity static analysis.
About the Synopsys Software Integrity Platform
Synopsys Software Integrity Group helps organizations build secure, high-quality software, minimizing risks while maximizing
speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition
analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary
code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise,
only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
Learn more at www.synopsys.com/software.
About Synopsys
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the
electronic products and software applications we rely on every day. As the world's 15th largest software company, Synopsys has a
long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its
leadership in software security and quality solutions. Whether you're a system-on-chip (SoC) designer creating advanced
semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the
solutions needed to deliver innovative, high-quality, secure products. Learn more at https://www.synopsys.com/.
Editorial Contacts:
Mark Van
Elderen
Synopsys, Inc.
650-793-7450
mark.vanelderen@synopsys.com
Liz
Samet
Synopsys, Inc.
703-657-4218
elizabeth.samet@synopsys.com
View original content:http://www.prnewswire.com/news-releases/synopsys-unveils-coverity-enhancements-to-extend-breadth-depth-and-scalability-of-enterprise-application-security-testing-300778156.html
SOURCE Synopsys, Inc.