Synopsys Code Sight combines SAST, SCA testing in the IDE

14 Feb 2020

Synopsys Code Sight combines SAST, SCA testing in the IDE

Synopsys’ Code Sight IDE plug-in provides capabilities for simultaneous static application security testing (SAST) and software composition analysis (SCA).

Synopsys has introduced a new application security tool that combines the best of static application security testing and software composition analysis capabilities.

The new capabilities come in the form of an update to the company’s Polaris Software Integrity Platform’s Code Sight IDE plug-in, which can reside in developers’ desktops. The combined static application security testing (SAST) and software composition analysis (SCA) capabilities will help developers find and fix bugs and security vulnerabilities in proprietary code, as well as known weaknesses in open source code at the same time, without having to leave the confines of their favorite IDE.

According to experts, while this is a positive move for developers, it is not necessarily or completely unprecedented. Blending SAST and SCA capabilities in a single platform has been done before, but usually at the expense of the robustness of one method or the other, said Chris Gonsalves, senior vice president of research at The 2112 Group in Port Washington, N.Y.

“In the ongoing battle to improve security in the application development environment, there are three things that are important: speed, speed and speed,” Gonsalves said. “If we’re being sincere about really wanting to bake security into development, the infosec mindset needs to move as far to the left on the timeline as possible.”

…

Synopsys will release the updates Code Sight plug-in on Feb. 18 and will showcase the technology at the RSA Conference 2020 in San Francisco on Feb. 24 to 28.

“Again, the real star here is speed,” Gonsalves reiterated. “Wringing vulnerabilities out of app dev as early as possible right in the IDE not only makes code more secure, it exponentially increases the efficiency of the application development lifecycle by reducing the rework required when bugs crop up late in the game.”

…

Written by Darryl K. Taft

> Read the entire article, Synopsys Code Sight combines SAST, SCA testing in the IDE, at techtarget.com.

Services help technology vendors maximize the potential value of their channel programs. These services deliver on specific strategic needs, regardless of size, geographic location, or vertical.

Optimize Your Success

Intelligence enables fact-based decision-making by providing market-trend data that can be converted into practice.

Convert Insight To Action

Quarterly Reports, Custom Research and other Strategic Content, including various White Papers and eBooks, available for purchase or complimentary download.

Explore Our Collection

Many of the blogs we write are sparked by discussions we have with our clients, partners, colleagues and friends. They offer best practices and strategic guidance from our perspective - while representing the voices of vendors and solution providers.

Scroll Through Our Blog

Shifting Economic Conditions Prompt Channel Chiefs to Adjust Partner Strategies

How to Make Better Decisions on Go-to-Market Matters

FTC Revives Robinson-Patman Act, Presents Potential Challenges to the Channel

Palo Alto Networks’ Karl Soderlund on Challenging Complacency

2023: The Year of Conservation and Optimization

That three-step process is more than a tagline: it's how we approach each client engagement. Our goal is to deliver outcomes for vendors and partners through our portfolio of products and services. Every time.

Find Out More

Synopsys Code Sight combines SAST, SCA testing in the IDE

Synopsys Code Sight combines SAST, SCA testing in the IDE

About

News & Events

Follow Us

Sign Up for Channel Insights

Services help technology vendors maximize the potential value of their channel programs. These services deliver on specific strategic needs, regardless of size, geographic location, or vertical. Optimize Your Success

Intelligence enables fact-based decision-making by providing market-trend data that can be converted into practice. Convert Insight To Action

Quarterly Reports, Custom Research and other Strategic Content, including various White Papers and eBooks, available for purchase or complimentary download. Explore Our Collection

Many of the blogs we write are sparked by discussions we have with our clients, partners, colleagues and friends. They offer best practices and strategic guidance from our perspective - while representing the voices of vendors and solution providers. Scroll Through Our Blog

Shifting Economic Conditions Prompt Channel Chiefs to Adjust Partner Strategies

How to Make Better Decisions on Go-to-Market Matters

FTC Revives Robinson-Patman Act, Presents Potential Challenges to the Channel

Palo Alto Networks’ Karl Soderlund on Challenging Complacency

2023: The Year of Conservation and Optimization

That three-step process is more than a tagline: it's how we approach each client engagement. Our goal is to deliver outcomes for vendors and partners through our portfolio of products and services. Every time. Find Out More

Synopsys Code Sight combines SAST, SCA testing in the IDE

Synopsys Code Sight combines SAST, SCA testing in the IDE

Services help technology vendors maximize the potential value of their channel programs. These services deliver on specific strategic needs, regardless of size, geographic location, or vertical.

Optimize Your Success

Intelligence enables fact-based decision-making by providing market-trend data that can be converted into practice.

Convert Insight To Action

Quarterly Reports, Custom Research and other Strategic Content, including various White Papers and eBooks, available for purchase or complimentary download.

Explore Our Collection

Many of the blogs we write are sparked by discussions we have with our clients, partners, colleagues and friends. They offer best practices and strategic guidance from our perspective - while representing the voices of vendors and solution providers.

Scroll Through Our Blog

That three-step process is more than a tagline: it's how we approach each client engagement. Our goal is to deliver outcomes for vendors and partners through our portfolio of products and services. Every time.

Find Out More