1. Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool
8/8/2016 5:09:05 PM
Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool
Synopsys,Seeker Security
https://appdevelopermagazine.com/images/news_images/Synopsys-Makes-Updates-to-its-Seeker-App-Developer-Magazine_96yd5z8g.jpg
App Developer Magazine
Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool

Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool



Richard Harris Richard Harris in Application Testing Monday, August 8, 2016
2,040

Synopsys has released the latest version of its Seeker runtime security analysis solution. Seeker analyzes web application code and data flows at runtime using a technique known as an Interactive Application Security Testing (IAST), which detects and confirms exploitable security vulnerabilities and provides insight that allows developers to address their root causes. The Seeker 3.8 release includes improvements to its security analysis, usability and technology support.

One of the most notable updates to Seeker 3.8 is the ability to detect known vulnerabilities in web applications' open source and third-party software components through an integration with Synopsys' Protecode Supply Chain (SC) technology. Seeker 3.8 automatically scans target web application binaries and produces a list of the detected open source and third-party dependencies (also known as a software bill of materials), a list of known vulnerabilities affecting its components, and pertinent software license attributes. This feature provides coverage for "A9 – Using Components with Known Vulnerabilities," one of the OWASP Top 10 most critical web application security flaws.

Seeker 3.8 also includes several updates to improve its ease of use and ease of deployment, making it more flexible and easier to adopt across a variety of enterprise development and testing environments. The release also adds support for MongoDB and PHP 7, extending its utility to a wider range of web applications and services.

Seeker and the other tools in Synopsys' Software Integrity Platform are used to facilitate "software signoff," an integrated development and testing methodology that aims to ensure software quality and security. The signoff involves a series of automated testing cycles at critical points throughout the software development lifecycle and software supply chain.


Read more: http://www.synopsys.com/software/seeker/Pages/defa...

Subscribe to App Developer Magazine

Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.

MEMBERS GET ACCESS TO

  • - Exclusive content from leaders in the industry
  • - Q&A articles from industry leaders
  • - Tips and tricks from the most successful developers weekly
  • - Monthly issues, including all 90+ back-issues since 2012
  • - Event discounts and early-bird signups
  • - Gain insight from top achievers in the app store
  • - Learn what tools to use, what SDK's to use, and more

    Subscribe here