Synopsys Strengthens Polaris Software Integrity Platform With New Dynamic Security Testing Capabilities
Synopsys Strengthens Polaris Software Integrity Platform With New Dynamic Security Testing Capabilities
Cloud-based dynamic analysis offering optimized for modern web applications, DevSecOps workflows
基於雲的動態分析產品針對現代 Web 應用程序和 DevSecOps 工作流程進行了優化
SUNNYVALE, Calif., March 19, 2024 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced the availability of Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform. fAST Dynamic enables development, security, and DevOps teams to quickly find and fix security vulnerabilities in modern web applications without impeding development velocity. fAST Dynamic features a simplified onboarding and configuration experience, smart attack execution, and an innovative analysis engine designed for DevSecOps workflows.
加利福尼亞州森尼韋爾,2024年3月19日 /PRNewswire/ — 新思科技公司(納斯達克股票代碼:SNPS)今天宣佈新思科技FaST Dynamic上市,這是新思科技北極星軟件完整性平台上的一項新的動態應用程序安全測試(DAST)產品. Fast Dynamic 使開發、安全和開發運營團隊能夠在不影響開發速度的情況下快速發現和修復現代 Web 應用程序中的安全漏洞。FaSt Dynamic 具有簡化的入門和配置體驗、智能攻擊執行以及專爲 DevSecOps 工作流程設計的創新分析引擎。
Synopsys fAST Dynamic, which is built on the innovative scanning technology acquired from WhiteHat Security, complements the fAST Static and fAST SCA capabilities introduced on the Polaris platform in 2023. Together they enable development and security teams to address vulnerabilities in proprietary source code, open source dependencies, and application behavior through a single fully integrated application security testing solution. Underpinned by modern cloud architecture and scalable multi-tenant SaaS delivery, Polaris makes it easy for developers to onboard and start scanning in minutes while enabling security teams to track testing activities and manage risk across thousands of applications.
新思科技的FaST Dynamic建立在從WhiteHat Security獲得的創新掃描技術之上,是對2023年在北極星平台上推出的Fast靜態和FaST SCA功能的補充。它們共同使開發和安全團隊能夠通過一個完全集成的應用程序安全測試解決方案來解決專有源代碼、開源依賴關係和應用程序行爲中的漏洞。在現代雲架構和可擴展的多租戶SaaS交付的支持下,Polaris使開發人員可以在幾分鐘內輕鬆入門並開始掃描,同時使安全團隊能夠跟蹤測試活動並管理數千個應用程序的風險。
"Dynamic analysis is an essential technology for securing modern web applications, but legacy DAST tools can be too slow and difficult to use in fast-paced development environments," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "With fAST Dynamic, we have evolved the powerful and accurate scanning technology from Whitehat Security to create a solution designed for the speed of modern development. Synopsys fAST Dynamic enables DevOps teams to scan their applications quickly and accurately, eliminating the need for time-consuming configuration and triage efforts which are often required with legacy tools. With the addition of fAST Dynamic, Polaris customers can orchestrate rapid static, SCA, and dynamic scans through a unified SaaS platform, enabling them to simplify and accelerate their DevSecOps workflows."
新思科技軟件完整性小組總經理傑森·施密特表示:“動態分析是保護現代網絡應用程序的基本技術,但傳統的DAST工具可能太慢且難以在快節奏的開發環境中使用。”“藉助FaST Dynamic,我們對Whitehat Security強大而準確的掃描技術進行了改進,以創建專爲現代開發速度而設計的解決方案。Synopsys Fast Dynamic 使 DevOps 團隊能夠快速準確地掃描其應用程序,從而無需耗時的配置和分類工作,而傳統工具通常需要這些工作。加入 Fast Dynamic 後,北極星客戶可以協調快速靜態、SCA、 和 通過統一的 SaaS 平台進行動態掃描,使他們能夠簡化和加速 DevSecOps 工作流程。”
Synopsys fAST Dynamic is uniquely designed to support rapid DevSecOps workflows with features that include:
新思科技 FaSt Dynamic 專爲支持快速的 DevSecOps 工作流程而設計,其功能包括:
- Simplified Onboarding and Configuration: fAST Dynamic allows users to initiate scans in seconds with a few simple steps, removing the need for intricate configuration settings or extensive technical security knowledge. Scans can be triggered from the user interface or the Polaris API. This capability makes dynamic testing accessible to a broad range of teams, including developers and DevOps engineers.
- Smart Attack Execution: fAST Dynamic leverages its deep understanding of modern frameworks and technologies to intelligently navigate and analyze web applications, ensuring comprehensive test coverage. This advanced capability allows for a seamless testing experience that requires minimal user input and no specialized expertise, setting a new standard in detecting vulnerabilities with unmatched accuracy and efficiency.
- Innovative Analysis Engine: fAST Dynamic is optimized to efficiently target critical and high-impact vulnerabilities, delivering fast and accurate scan results while minimizing false positives and unnecessary noise. Due to the speed and accuracy of its analysis engine, development and DevOps teams can integrate fAST Dynamic directly into their automated CI/CD pipelines.
- 簡化的入門和配置: Fast Dynamic允許用戶通過幾個簡單的步驟在幾秒鐘內啓動掃描,無需複雜的配置設置或豐富的技術安全知識。可以通過用戶界面或 Polaris API 觸發掃描。這種功能使包括開發人員和 DevOps 工程師在內的各種團隊都可以進行動態測試。
- 智能攻擊執行: FaST Dynamic 利用其對現代框架和技術的深刻理解,智能地瀏覽和分析 Web 應用程序,確保全面的測試覆蓋範圍。這種高級功能可提供無縫的測試體驗,只需最少的用戶輸入和專業知識,從而爲以無與倫比的準確性和效率檢測漏洞設定了新標準。
- 創新的分析引擎: FaST Dynamic 經過優化,可有效鎖定關鍵和高影響漏洞,提供快速準確的掃描結果,同時最大限度地減少誤報和不必要的噪音。由於其分析引擎的速度和準確性,開發和開發運營團隊可以將FaST Dynamic直接集成到其自動化CI/CD管道中。
Synopsys fAST Dynamic will be generally available on the Polaris platform in April and can be purchased as a stand-alone offering or together with fAST Static and fAST SCA.
新思科技的FaST Dynamic將於4月在Polaris平台上正式上市,可以作爲獨立產品購買,也可以與FaST Static和FaST SCA一起購買。
For more information, visit or read the blog post.
欲了解更多信息,請訪問或閱讀博客文章。
About the Synopsys Software Integrity Group
關於 Synopsys 軟件完整性小組
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at .
Synopsys Software Integrity Group 提供集成解決方案,改變開發團隊構建和交付軟件的方式,在解決業務風險的同時加速創新。我們行業領先的軟件安全產品和服務組合是世界上最全面的,可與第三方和開源工具互操作,使組織能夠利用現有投資來構建最適合自己的安全計劃。只有 Synopsys 能提供建立對軟件信任所需的一切。要了解更多信息,請訪問。
About Synopsys
關於 Synopsys
Catalyzing the era of pervasive intelligence, Synopsys, Inc. (Nasdaq: SNPS) delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation. We partner closely with semiconductor and systems customers across a wide range of industries to maximize their R&D capability and productivity, powering innovation today that ignites the ingenuity of tomorrow. Learn more at .
Synopsys, Inc.(納斯達克股票代碼:SNPS)提供可信且全面的硅到系統設計解決方案,從電子設計自動化到硅 IP 和系統驗證與驗證,推動智能無處不在的時代。我們與各行各業的半導體和系統客戶密切合作,最大限度地提高他們的研發能力和生產力,推動當今的創新,點燃未來的獨創性。要了解更多信息,請訪問。
Editorial Contact:
Mark Van Elderen
Synopsys, Inc.
650-793-7450
[email protected]
編輯聯繫人:
馬克·範·埃爾德倫
Synopsys, Inc.
650-793-7450
[電子郵件保護]
SOURCE Synopsys, Inc.
來源 Synopsys, Inc.