The availability of a new version of Synopsys’ Coverity static application security testing (SAST) solution, which enables organisations to build secure applications faster, has been announced. The latest release of Coverity addresses three increasingly important needs for enterprise application security teams: scalability, broad language and framework support, and comprehensive vulnerability analysis.
"While application vulnerabilities continue to be the most common vector for cyber attacks, organisations are expanding their application portfolios and relying heavily on software to perform critical business functions and deliver customer value," said Andreas Kuehlmann, co-general Manager of the Synopsys Software Integrity Group. "This means enterprise application security teams need to be able to assess their growing and increasingly diverse application inventories for vulnerabilities, while minimising impact to their development velocity and business operations. The latest Coverity release enables security teams to do just that by extending our world-class static analysis technology to a wider range of applications and making it easier than ever to implement and scale across large application portfolios."
Coverity enables enterprise organisations to scale their SAST efforts across large application portfolios. The latest Coverity solution now includes a feature called 'analysis without build' that allows security teams to onboard and analyse thousands of applications quickly and easily. Security teams can now simply point Coverity to a source code project and begin analysing in seconds, without first having to do a full build operation for each application. Coverity automatically detects project types and fetches the dependencies that would normally be incorporated in the build process. Use of this new feature ensures comprehensive analysis and eliminates the need to manually declare dependencies.