Software Integrity Blog

Archive for the 'Static Analysis (SAST)' Category

Announcing the Polaris Software Integrity Platform

The Polaris platform integrates the Synopsys Software Integrity portfolio into an easy-to-use solution so you can build secure, high-quality software faster.

Posted in Static Analysis (SAST)

Why dependencies matter for SAST

How do static analyzers manage code dependencies? There are many ways, but the best static analyzers take a hybrid approach to dependency analysis.

Posted in Developer Enablement, Static Analysis (SAST)

Coverity 2018.12: Securing enterprise applications

Coverity 2018.12 adds analysis without build, covers more languages and frameworks, finds more vulnerabilities, and supports enterprise application security goals.

Posted in Static Analysis (SAST)

[Webinar] Static analysis helps DevOps teams maintain velocity securely

In our on-demand webinar with Meera Rao (Synopsys), you’ll learn how to integrate SAST into DevOps using automation to find issues early in the SDLC and support DevOps velocity.

Posted in Agile, CI/CD & DevOps, General, Static Analysis (SAST), Webinars

Let’s write more CodeXM checkers (second-stage ignition)

If you read the previous installment, you’ll recall that we boosted ourselves to low earth orbit using CodeXM to write a Coverity checker to help enforce a naming convention (which, of course, you can tweak to suit your needs).

Posted in Static Analysis (SAST)

Let’s write a CodeXM checker (it’s not rocket science!)

All systems are go. We have liftoff. Let’s write some CodeXM.

Posted in Static Analysis (SAST)

Securing applications with Coverity’s static analysis results

This is the third post in a three-part series on how you can maximize the impact of a static analysis solution by supporting developers and their goals.

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST)

CodeXM: Awesome code checker power (itty-bitty learning curve!)

What you need to know, and (more importantly) what you don’t, about the CodeXM checkers.

Posted in Static Analysis (SAST)

Integrating Coverity static analysis into development workflows

This is the second post in a three-part series on how you can maximize the impact of a static analysis solution by supporting developers and their goals.

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST)

Spectre checker keeps up with the latest exploits

In a recent blog post, Detecting Spectre vulnerability exploits with static analysis, we showed how developers can use static analysis to help protect their applications from the Spectre variant 1 vulnerability (bounds check bypass). Synopsys Software Integrity Group released a checker for Coverity (AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK) that helps developers identify vulnerable code. The result is increased protection against Spectre without the performance cost of completely forgoing speculative execution.

Posted in Static Analysis (SAST)