EEJournal

industry news
Subscribe Now
February 25, 2019

Synopsys to Showcase New Polaris Software Integrity Platform at RSA Conference

Platform Enables Comprehensive Application Security from Developer to Deployment

MOUNTAIN VIEW, Calif., Feb. 25, 2019 /PRNewswire/ — Synopsys, Inc. (Nasdaq: SNPS) today announced it will showcase its new Polaris Software Integrity Platform™ at RSA Conference in San Francisco, March 4–8, 2019. The Polaris Software Integrity Platform brings the power of Synopsys Software Integrity products and services together into an integrated solution that enables security and development teams to build secure, high-quality software faster.

Synopsys’ Polaris Software Integrity Platform is a cloud-based platform that simplifies and enables comprehensive application security from developer to deployment through the combination of the Synopsys Code Sight™ IDE plugin and a central analysis server, which share the same powerful analysis engines; a broad set of integrations with popular development and operations tools; and reports, dashboards, and APIs that provide a consolidated view of application security risks. With the Polaris Software Integrity Platform, teams can detect and remediate vulnerabilities earlier in software development, integrate and automate comprehensive security analysis throughout the software development lifecycle (SDLC), and manage application security risks holistically across their application portfolio.

“To effectively secure their applications against increasingly sophisticated attacks, organizations need to employ a combination of security testing techniques at multiple points within the SDLC,” said Andreas Kuehlmann, general manager of the Synopsys Software Integrity Group. “But, to maintain the velocity required to be competitive, they also need application security solutions that can match the accelerating pace of software development, can scale, and can integrate seamlessly with their existing development infrastructure. Over the past several years, we have developed a portfolio of differentiated products and services that address the gamut of security testing needs in the market, and with the Polaris Software Integrity Platform we’re delivering on our vision to drive synergy and efficiency across these solutions.”

According to Gartner, “As DevOps gains popularity for rapid delivery and innovation of new IT-enabled capabilities, concerns about security and compliance increase. Security and risk management leaders must adapt security tools, processes and policies to the DevOps toolchain without slowing the development process.”1

The benefits of the Polaris Software Integrity platform include:

Early Risk Discovery and Mitigation – The platform helps developers remediate security vulnerabilities early in development, when it is most efficient and cost-effective. The new Code Sight IDE plugin, a key component of the Polaris Software Integrity Platform, extends the power of Synopsys’ solutions to the developers’ native work environment, enabling them to easily find and fix security vulnerabilities in their code as they write. Initially available for IntelliJ, Visual Studio, and Eclipse, the Code Sight plugin combines the same powerful analysis engines as the platform’s central server with fast incremental analysis, ensuring thorough and consistent results without hindering productivity. Code Sight also provides context-sensitive eLearning modules that help developers fix issues quickly and train them to write more secure code going forward.

Shift Left from Detection to Prevention – the Polaris Software Integrity Platform is the only solution to use the same powerful analysis engines both on a central server as part of the CI/CD pipeline and on the developer desktop for fast, incremental scanning. It enables developers to address vulnerabilities while they are coding and therefore produce a more secure codebase prior to checking it into their repository. This dual workflow significantly increases developer productivity, while the central analysis catches any remaining defects before they can make it to production.

Simple and Flexible Operation – The  cloud-based central server of the Polaris Software Integrity Platform provides the flexibility to manage deployments, initiate security scans, analyze results, and coordinate remediation activities using multiple Synopsys analysis engines, such as Coverity and Black Duck, through an intuitive web-based management user interface. The platform also gives teams the flexibility to integrate and automate application security analysis across the SDLC using their existing development and DevOps tools, including Jenkins, Jira, Slack, Red Hat OpenShift, and Kubernetes.

Consolidated Risk Reporting – The Polaris Software Integrity Platform helps security teams view application security risk holistically with consolidated reports and interactive dashboards that combine information from multiple security analysis engines, across their entire application portfolio, with results over time. In addition, the Polaris Software Integrity Platform APIs make it easy for teams to integrate Synopsys security testing results into third-party security and risk reporting solutions.

To learn more, visit the Polaris Software Integrity Platform webpage, read the blog post, and register for the upcoming webinar.

Synopsys will be showcasing the Polaris platform at Booth 1135 in the South Expo Hall at RSA Conference in San Francisco, March 4–8. Register for a complimentary RSA Conference pass with promo code XSU9SYNPSYS.

1. Gartner, Inc. “Integrating Security Into the DevSecOps Toolchain” by Mark Horvath, Neil MacDonald and Ayal Tirosh, October 3, 2017.

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle. Learn more at www.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Leave a Reply

featured blogs
Cadence Reunites with WITU to Empower Young Women
Apr 25, 2024
Cadence's seven -year partnership with'¯ Team4Tech '¯has given our employees unique opportunities to harness the power of technology and engage in a three -month philanthropic project to improve the livelihood of communities in need. In Fall 2023, this partnership allowed C...
More from Cadence...
Synopsys and Multibeam Accelerate Innovation with First Production-Ready E-Beam Lithography System
Apr 24, 2024
Learn about maskless electron beam lithography and see how Multibeam's industry-first e-beam semiconductor lithography system leverages Synopsys software.The post Synopsys and Multibeam Accelerate Innovation with First Production-Ready E-Beam Lithography System appeared fir...
More from Synopsys...
One Robotic Step Closer to Humanoid Robots in the Home
Apr 18, 2024
Are you ready for a revolution in robotic technology (as opposed to a robotic revolution, of course)?...
More from Max's Cool Beans...

featured video

MaxLinear Integrates Analog & Digital Design in One Chip with Cadence 3D Solvers

Sponsored by Cadence Design Systems

MaxLinear has the unique capability of integrating analog and digital design on the same chip. Because of this, the team developed some interesting technology in the communication space. In the optical infrastructure domain, they created the first fully integrated 5nm CMOS PAM4 DSP. All their products solve critical communication and high-frequency analysis challenges.

Learn more about how MaxLinear is using Cadence’s Clarity 3D Solver and EMX Planar 3D Solver in their design process.

featured paper

Designing Robust 5G Power Amplifiers for the Real World

Sponsored by Keysight

Simulating 5G power amplifier (PA) designs at the component and system levels with authentic modulation and high-fidelity behavioral models increases predictability, lowers risk, and shrinks schedules. Simulation software enables multi-technology layout and multi-domain analysis, evaluating the impacts of 5G PA design choices while delivering accurate results in a single virtual workspace. This application note delves into how authentic modulation enhances predictability and performance in 5G millimeter-wave systems.

Download now to revolutionize your design process.

featured chalk talk

Improving Chip to Chip Communication with I3C
Sponsored by Mouser Electronics and Microchip
In this episode of Chalk Talk, Amelia Dalton and Toby Sinkinson from Microchip explore the benefits of I3C. They also examine how I3C helps simplify sensor networks, provides standardization for commonly performed functions, and how you can get started using Microchips I3C modules in your next design.
Click here for more information about Microchip Technology PIC18-Q20 Microcontrollers
Feb 19, 2024
9,165 views