Posted by Synopsys Editorial Team on Tuesday, June 12th, 2018
The latest release of Coverity by Synopsys features seamless integration with our completely rebuilt eLearning platform, an on-demand developer training solution focusing on secure coding best practices and security guidance.
Synopsys eLearning is an outcome-driven, learner-centric training solution that makes learning about security easy, relevant, and accessible. With eLearning, learners have on-demand access to an immersive, continuous learning ecosystem that unifies security expertise, instructional design, and storytelling into an intuitive platform. Features include:
These features, among many others, enable developers to actively build their security competency.
The integration provides developers who have eLearning licenses and accounts with convenient access—directly from the Coverity interface—to short, context-relevant training modules to help them address security issues Coverity detects in their code.
“As more organizations adopt rapid and iterative development methodologies, it is increasingly important to shift security left in the development process. That means equipping developers with the tools and training they need to take ownership of the security of their code. Finding and fixing vulnerabilities early and teaching developers to avoid security missteps in the first place results in more secure code, and it also prevents costly rework and unnecessary delays.”
—Andreas Kuehlmann, senior vice president and general manager, Synopsys Software Integrity Group
The integration provides developers with context-specific application security learning lessons based on the CWEs (Common Weakness Enumerations) detected by Coverity. It uses a proprietary vulnerability analysis tool to match detected CWEs with relevant eLearning course content based on a highest-confidence-level algorithmic assessment. Unlike other training tools, eLearning can link to specific lessons in a course to ensure developers quickly receive the most relevant information, rather than having to search through an entire course.
eLearning includes 37 courses covering a wide range of application security topics, including risk analysis, authentication, security standards, defensive programming for web and mobile apps, threat modeling, security testing strategy, and more.
The latest release of Coverity includes security analysis enhancements to detect more vulnerabilities across a variety of programming languages and frameworks, as well as continued support of the latest coding standards for embedded software.
Get the latest AppSec news and trends sent directly to you.