Synopsys unveils enhancements
to Coverity SAST solution
Synopsys has announced the availability of a new version of its Coverity static application security testing (SAST) solution, which enables organisations to build secure applications faster. The latest release of Coverity addresses three increasingly important needs for enterprise application security teams: scalability, broad language and framework support, and comprehensive vulnerability analysis.

“While application vulnerabilities continue to be the most common vector for cyberattacks, organisations are expanding their application portfolios and relying heavily on software to perform critical business functions and deliver customer value,” said Andreas Kuehlmann, Co-General Manager of the Synopsys Software Integrity Group. “This means enterprise application security teams need to be able to assess their growing and increasingly diverse application inventories for vulnerabilities, while minimising impact to their development velocity and business operations. The latest Coverity release enables security teams to do just that by extending our world-class static analysis technology to a wider range of applications and making it easier than ever to implement and scale across large application portfolios.”

Broad language and framework support

The ecosystem of programming languages and frameworks used to build applications is expanding, and SAST tools need to understand how each one works in order to be effective. To address the needs of enterprise organisations with diverse application portfolios, Synopsys has significantly expanded Coverity’s language and framework coverage. The latest Coverity release introduces support for TypeScript, .NET Core, Swift 4.1, and Ruby on Rails, as well as more than 50 different frameworks for Java, JavaScript, C#, including Angular, React and Vue.

Scalable SAST for enterprise security teams

Coverity enables enterprise organisations to scale their SAST efforts across large application portfolios. The latest Coverity solution now includes a feature called ‘analysis without build’ that allows security teams to on-board and analyse thousands of applications quickly and easily.

Security teams can now simply point Coverity to a source code project and begin analysing in seconds, without first having to do a full build operation for each application. Unlike other SAST solutions, Coverity automatically detects project types and fetches the dependencies that would normally be incorporated in the build process. Use of this new feature ensures comprehensive analysis and eliminates the need to manually declare dependencies.

Comprehensive vulnerability analysis

The Coverity analysis engine utilises a variety of techniques to look at code in different ways and find the most actionable and critical security vulnerabilities. In response to the growing popularity of frameworks, the latest Coverity release includes dramatically improved framework analysis which allows customers to more accurately detect client-side and back-end web services vulnerabilities.

Coverity can also now analyse JavaScript framework templates, which are a popular means of client-side data binding. Coverity can now scan the HTML generated on the fly from such templates to find additional cross-site scripting vulnerabilities.

www.intelligentciso.com | Issue 10