Software Integrity Blog

Archive for the 'Static Analysis (SAST)' Category

How to manage web application security with Coverity

Improve your web application security management by finding and fixing security vulnerabilities earlier and achieving compliance with industry standards.

Posted in Static Analysis (SAST)

So you just bought a SAST tool. Now what?

You’ve finally purchased a static analysis solution—but do you know how to use it? Learn how to implement SAST tools in a way that best suits your environment.

Posted in Static Analysis (SAST)

How to choose between enterprise and open source static analysis

Both enterprise and open source static analysis tools can boost your application security program. But each has its strengths. Learn more before you choose one.

Posted in Static Analysis (SAST)

Making SAST easier, faster, and more integrated with Polaris

How can development teams make SAST easier? By using a platform that’s fast, accurate, and flexible and integrates with the tools they already use.

Posted in Static Analysis (SAST)

How to automate static analysis in your SDLC

Automating static analysis in your SDLC requires a tool that integrates into daily workflows, presents results intuitively, and offers remediation guidance.

Posted in Static Analysis (SAST)

Announcing the Polaris Software Integrity Platform

The Polaris platform integrates the Synopsys Software Integrity portfolio into an easy-to-use solution so you can build secure, high-quality software faster.

Posted in General, Static Analysis (SAST)

Why dependencies matter for SAST

How do static analyzers manage code dependencies? There are many ways, but the best static analyzers take a hybrid approach to dependency analysis.

Posted in Developer Enablement, Static Analysis (SAST)

Coverity 2018.12: Securing enterprise applications

Coverity 2018.12 adds analysis without build, covers more languages and frameworks, finds more vulnerabilities, and supports enterprise application security goals.

Posted in General, Static Analysis (SAST)

Webinar: Static analysis helps DevOps teams maintain velocity securely

In our on-demand webinar with Meera Rao (Synopsys), you’ll learn how to integrate SAST into DevOps using automation to find issues early in the SDLC and support DevOps velocity.

Posted in Agile, CI/CD & DevOps, General, Static Analysis (SAST), Webinars

Let’s write more CodeXM checkers (second-stage ignition)

If you read the previous installment, you’ll recall that we boosted ourselves to low earth orbit using CodeXM to write a Coverity checker to help enforce a naming convention (which, of course, you can tweak to suit your needs). Our progress so far: local variables and function names (including method names). Now we’ll push higher up, […]

Posted in Static Analysis (SAST)