Press ReleaseCloud SecurityDevice & IoTThreat Detection & Defense

Synopsys Introduces Dynamic Security Testing Features in Polaris

Synopsys, Inc. (Nasdaq: SNPS) today announced the availability of Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform®. fAST Dynamic enables development, security, and DevOps teams to quickly find and fix security vulnerabilities in modern web applications without impeding development velocity. fAST Dynamic features a simplified onboarding and configuration experience, smart attack execution, and an innovative analysis engine designed for DevSecOps workflows.

Synopsys fAST Dynamic, which is built on the innovative scanning technology acquired from WhiteHat Security, complements the fAST Static and fAST SCA capabilities introduced on the Polaris platform in 2023. Together they enable development and security teams to address vulnerabilities in proprietary source code, open-source dependencies, and application behaviour through a single fully integrated application security testing solution. Underpinned by modern cloud architecture and scalable multi-tenant SaaS delivery, Polaris makes it easy for developers to onboard and start scanning in minutes while enabling security teams to track testing activities and manage risk across thousands of applications.

“Dynamic analysis is an essential technology for securing modern web applications, but legacy DAST tools can be too slow and difficult to use in fast-paced development environments,” said Jason Schmitt, General Manager of the Synopsys Software Integrity Group. “With fAST Dynamic, we have evolved the powerful and accurate scanning technology from Whitehat Security to create a solution designed for the speed of modern development. Synopsys fAST Dynamic enables DevOps teams to scan theirapplications quickly and accurately, eliminating the need for time-consuming configuration and triage efforts which are often required with legacy tools. With the addition of fAST Dynamic, Polaris customers can orchestrate rapid static, SCA, and dynamic scans through a unified SaaS platform, enabling them to simplify and accelerate their DevSecOps workflows.”

Synopsys fAST Dynamic is uniquely designed to support rapid DevSecOps workflows with features that include:

  • Simplified Onboarding and Configuration: fAST Dynamic allows users to initiate scans in seconds with a few simple steps, removing the need for intricate configuration settings or extensive technical security knowledge. Scans can be triggered from the user interface or the Polaris API. This capability makes dynamic testing accessible to a broad range of teams, including developers and DevOps engineers.

  • Smart Attack Execution: fAST Dynamic leverages its deep understanding of modern frameworks and technologies to intelligently navigate and analyse web applications, ensuring comprehensive test coverage. This advanced capability allows for a seamless testing experience that requires minimal user input and no specialised expertise, setting a new standard in detecting vulnerabilities with unmatched accuracy and efficiency.

  • Innovative Analysis Engine: fAST Dynamic is optimised to efficiently target critical and high-impact vulnerabilities, delivering fast and accurate scan results while minimising false positives and unnecessary noise. Due to the speed and accuracy of its analysis engine, development and DevOps teams can integrate fAST Dynamic directly into their automated CI/CD pipelines.

Synopsys fAST Dynamic will be generally available on the Polaris platform in April and can be purchased as a stand-alone offering or together with fAST Static and fAST SCA.

For more information, visit www.synopsys.com/polaris or read the blog post.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *