Underpinned by modern cloud architecture and scalable multi-tenant SaaS delivery, Polaris makes it easy for developers to onboard and start scanning code in minutes while enabling security teams to track testing activities and manage risk across thousands of applications.
"Today, development, DevOps and security teams of all sizes need a fully integrated and automated solution that combines multiple testing technologies, reduces complexity, and matches the pace of modern DevSecOps," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "With Polaris, we are delivering a no-compromise application security platform that unifies proven, best-of-breed technologies into an integrated SaaS platform that can scale with them and is supported by the established industry leader."
The latest enhancements to the Polaris Software Integrity Platform accelerate development, DevOps and security team workflows by enabling them to:
- Perform static application security testing (SAST) and software composition analysis (SCA) through a single platform. Synopsys fAST Static and Synopsys fAST SCA are built on top of Synopsys' market-leading Coverity® and Black Duck® analysis engines, accelerating the accurate detection of vulnerabilities in source code and open source software in a single click—with no configuration required. The multi-threaded analysis of Synopsys fAST Static allows customers to run incremental scans that are 5-10 times faster than a full scan with no loss of accuracy, while Synopsys fAST SCA provides teams with detailed analyses of open source vulnerabilities. The result is a combined view of issues at the application level that speeds up risk mitigation.
- Build security into DevOps through simplified integrations and automation. Seamless out-of-the-box integrations make it easy to connect Polaris to Jenkins and Jira Cloud, as well as the GitHub, GitLab and Azure DevOps code repositories. Teams can onboard users and applications quickly across the entire organization, and easily automate scans based on defined schedules, or as part of any CI workflow. They can also define security policies to trigger alerts or halt builds when vulnerabilities are found, and built-in reporting and analytics enable actionability that streamlines remediation workflows and tracks progress across applications and teams.
- Manage application security risk at enterprise scale. The multi-tenant SaaS delivery of the Polaris Software Integrity Platform includes elastic capacity and concurrent scanning across projects and scan types to minimize time-to-results, and easily scales to thousands of applications to meet the demands of large enterprise development organizations. For security teams, the platform's integrated vulnerability analysis tooling helps identify application security hotspots across the entire software portfolio in real-time in an intuitive dashboard that displays vulnerability severity and type across applications, projects and test types. Additionally, Polaris offers triage services that enlist Synopsys' application security experts to review static analysis results and remove false positives, thus dramatically improving the efficiency, accuracy and actionability of those scans—while also ensuring that failed and misconfigured scans don't disrupt pipelines or developer workflows.
According to Gartner1, 80% of security and risk management leaders are now looking to consolidate their security spending with fewer vendors. The analyst firm notes that "across multiple security domains, security technology convergence is accelerating driven by the need to reduce complexity, leverage commonalities, reduce administration overhead and provide more effective security."
The Synopsys fAST Static and Synopsys fAST SCA offerings are generally available with multiple stand-alone and combined configurations available for purchase.
For more information, visit www.synopsys.com/polaris or read the blog post.
Those attending RSA Conference 2023 can get a first-hand look at Polaris and speak with a Synopsys representative at booth #1135 in the South Hall.
1. | Gartner, Inc. "Top Trends in Cybersecurity 2022" by Richard Addiscott, William Candrick, Peter Firstbrook, et. al., Feb. 18, 2022. |
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at www.synopsys.com/software.
About Synopsys
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at www.synopsys.com.
Editorial Contact:
Liz Samet
Synopsys, Inc.
336-414-6753
Email Contact
View original content: https://www.prnewswire.com/news-releases/synopsys-to-showcase-next-gen-polaris-software-integrity-platform-at-rsa-conference-301789373.html
SOURCE Synopsys, Inc.
Contact: |
Company Name: Synopsys, Inc.
Financial data for Synopsys, Inc. |