EEJournal

industry news
Subscribe Now
January 19, 2017

Synopsys Releases New Version of Coverity Static Analysis Tool with Enhanced Security for Mobile and Web Applications

Highlights:

  • Enhances Android security analysis to detect critical vulnerabilities and weaknesses on the OWASP Top 10
  • Improves security analysis and accuracy for JavaScript, Java and C# web applications
  • Expands desktop analysis with Integrated Development Environment (IDE) plugins for mobile and web application security testing

Synopsys, Inc. (Nasdaq: SNPS) today announced a new 8.7 version of its Coverity® static analysis tool with enhanced security analysis for mobile and web applications. Along with the recent acquisitions of Cigital and Codiscope, the latest version of the Coverity tool will provide Synopsys customers with the enterprise-level security analysis and broad programming language support necessary to address today’s evolving application security demands.

“Mobile and web applications are used widely across organizations to conduct business and process sensitive information, so addressing critical security vulnerabilities before they cause disruption for employees or customers is essential,” said Andreas Kuehlmann, senior vice president and general manager of Synopsys’ Software Integrity Group. “Given the rapid pace and scale of software development efforts today, detecting security flaws early in the development process with a highly accurate tool such as Coverity creates efficiencies that benefit all stakeholders.”

Mobile Application Security Testing

A core component of the Synopsys Software Integrity Platform, the Coverity automated software testing tool analyzes source code to detect critical security vulnerabilities and defects early in the software development lifecycle. Coverity 8.7 includes major enhancements to the tool’s security analysis for Android applications, helping customers detect the most critical vulnerabilities and weaknesses on the OWASP Top 10.

Web Application Security Testing

Coverity 8.7 also provides improved security analysis to detect a wider range of vulnerabilities in JavaScript, Java and C# web applications, and includes support for the new ECMAScript 6 scripting language specification. The JavaScript security analysis in Coverity 8.7 can be customized to improve the accuracy of testing results and reduce false positives and false negatives, which are common pitfalls for application security testing programs.

Secure Software Development Lifecycle Integration

The 8.7 version of the Coverity tool also expands and enhances its desktop analysis for mobile and web applications through plugins with popular Integrated Development Environments (IDEs) including Android Studio, Microsoft Visual Studio, IntelliJ and Eclipse. Developers will be able to perform security analysis from their desktop environment as part of a secure software development lifecycle for Android mobile applications and JavaScript and Node.js web applications. Developers will also be able to run quality analysis for other interpreted languages including PHP, Python and Ruby.

About the Synopsys Software Integrity Platform

Through its Software Integrity Platform, Synopsys provides advanced solutions for improving software security and quality. This comprehensive platform of automated analysis and testing technologies integrates seamlessly into the software development process and enables organizations to detect and remediate quality defects, security vulnerabilities and compliance issues early in the software development lifecycle, as well as to gain security assurance with and visibility into their software supply chain.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Leave a Reply

featured blogs
Captivating Component Art
May 2, 2024
I'm envisioning what one of these pieces would look like on the wall of my office. It would look awesome!...
More from Max's Cool Beans...

featured video

MaxLinear Integrates Analog & Digital Design in One Chip with Cadence 3D Solvers

Sponsored by Cadence Design Systems

MaxLinear has the unique capability of integrating analog and digital design on the same chip. Because of this, the team developed some interesting technology in the communication space. In the optical infrastructure domain, they created the first fully integrated 5nm CMOS PAM4 DSP. All their products solve critical communication and high-frequency analysis challenges.

Learn more about how MaxLinear is using Cadence’s Clarity 3D Solver and EMX Planar 3D Solver in their design process.

featured paper

Altera® FPGAs and SoCs with FPGA AI Suite and OpenVINO™ Toolkit Drive Embedded/Edge AI/Machine Learning Applications

Sponsored by Intel

Describes the emerging use cases of FPGA-based AI inference in edge and custom AI applications, and software and hardware solutions for edge FPGA AI.

Click here to read more

featured chalk talk

Using the Vishay IHLE® to Mitigate Radiated EMI
Sponsored by Mouser Electronics and Vishay
EMI mitigation is an important design concern for a lot of different electronic systems designs. In this episode of Chalk Talk, Amelia Dalton and Tim Shafer from Vishay explore how Vishay’s IHLE power inductors can reduce radiated EMI. They also examine how the composition of these inductors can support the mitigation of EMI and how you can get started using Vishay’s IHLE® High Current Inductors in your next design.
Click here for more information about Vishay / Dale IHLE High Current Inductors with E-Field Shield
Dec 4, 2023
20,228 views