EEJournal

industry news
Subscribe Now
July 25, 2016

Synopsys Releases Seeker 3.8 Runtime Security Analysis Tool for Web Applications

  • Integration with Protecode Supply Chain (SC) to detect known vulnerabilities in open source and third-party software components.
  • Improved ease of use and deployment
  • Broadened technology support, including MongoDB and PHP 7

Synopsys, Inc. (Nasdaq: SNPS) today announced the version 3.8 release of its Seeker® product, the company’s innovative runtime security analysissolution and one of the latest additions to its Software Integrity Platform. Seeker analyzes web application code and data flows at runtime using a technique known as an Interactive Application Security Testing (IAST), which detects and confirms exploitable security vulnerabilities and provides actionable guidance that enables developers to address their root causes with ease. The Seeker 3.8 release includes improvements to its security analysis, usability and technology support.

Most notably, Seeker 3.8 now has the ability to detect known vulnerabilities in web applications’ open source and third-party software components through a turnkey integration with Synopsys’ Protecode™ Supply Chain (SC) technology. Seeker 3.8 automatically scans target web application binaries and produces a list of the detected open source and third-party dependencies (also known as a software bill of materials), a list of known vulnerabilities affecting its components, and pertinent software license attributes. This feature provides coverage for “A9 – Using Components with Known Vulnerabilities,” one of the OWASP Top 10 most critical web application security flaws.

“Modern web applications depend on an increasingly vast and complex supply chain of open source and third-party software components,” saidAndreas Kuehlmann, senior vice president and general manager of Synopsys’ Software Integrity Group. “There are thousands of known vulnerabilities that affect commonly used components, and they represent low-hanging fruit for attackers. Software composition analysis is an invaluable complement to Seeker’s runtime security analysis as it provides a more comprehensive view of an applications’ risk posture.”

Seeker 3.8 includes several updates to improve its ease of use and ease of deployment, making it more flexible and easier to adopt across a variety of enterprise development and testing environments. This release also adds support for MongoDB and PHP 7, extending its utility to a wider range of web applications and services.

Synopsys will showcase Seeker 3.8 and the rest of its Software Integrity Platform at Black Hat USA 2016 in Las Vegas, Nevada on August 3 and 4. To learn more, visit Synopsys at booth #960 in the Black Hat Business Hall or visit: http://www.synopsys.com/software/seeker/Pages/default.aspx

Seeker and the other tools in Synopsys’ Software Integrity Platform are used to facilitate “software signoff,” an integrated development and testing methodology that aims to ensure software quality and security. Pioneered by Synopsys to emulate the signoff concept used in integrated circuit (IC) design, software signoff involves a series of automated testing cycles at critical points throughout the software development lifecycle and software supply chain.

About the Synopsys Software Integrity Platform

Through its Software Integrity Platform, Synopsys provides advanced solutions for improving the quality and security of software. This comprehensive platform of automated analysis and testing technologies integrates seamlessly into the software development process and enables organizations to detect and remediate quality defects, security vulnerabilities and compliance issues early in the software development lifecycle, as well as to gain security assurance with and visibility into their software supply chain.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software quality and security solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest quality and security, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Leave a Reply

featured blogs
BoardSurfers: Training Insights: Design Effortlessly Using Structures in Allegro X
Apr 25, 2024
Structures in Allegro X layout editors let you create reusable building blocks for your PCBs, saving you time and ensuring consistency. What are Structures? Structures are pre-defined groups of design objects, such as vias, connecting lines (clines), and shapes. You can combi...
More from Cadence...
Want to Mix and Match Dies in a Single Package? UCIe Can Get You There
Apr 25, 2024
See how the UCIe protocol creates multi-die chips by connecting chiplets from different vendors and nodes, and learn about the role of IP and specifications.The post Want to Mix and Match Dies in a Single Package? UCIe Can Get You There appeared first on Chip Design....
More from Synopsys...
One Robotic Step Closer to Humanoid Robots in the Home
Apr 18, 2024
Are you ready for a revolution in robotic technology (as opposed to a robotic revolution, of course)?...
More from Max's Cool Beans...

featured video

How MediaTek Optimizes SI Design with Cadence Optimality Explorer and Clarity 3D Solver

Sponsored by Cadence Design Systems

In the era of 5G/6G communication, signal integrity (SI) design considerations are important in high-speed interface design. MediaTek’s design process usually relies on human intuition, but with Cadence’s Optimality Intelligent System Explorer and Clarity 3D Solver, they’ve increased design productivity by 75X. The Optimality Explorer’s AI technology not only improves productivity, but also provides helpful insights and answers.

Learn how MediaTek uses Cadence tools in SI design

featured paper

Designing Robust 5G Power Amplifiers for the Real World

Sponsored by Keysight

Simulating 5G power amplifier (PA) designs at the component and system levels with authentic modulation and high-fidelity behavioral models increases predictability, lowers risk, and shrinks schedules. Simulation software enables multi-technology layout and multi-domain analysis, evaluating the impacts of 5G PA design choices while delivering accurate results in a single virtual workspace. This application note delves into how authentic modulation enhances predictability and performance in 5G millimeter-wave systems.

Download now to revolutionize your design process.

featured chalk talk

Gas Monitoring and Metering with Sensirion SFC6000/SFM6000 Solutions
Sponsored by Mouser Electronics and Sensirion
In this episode of Chalk Talk, Amelia Dalton and Negar Rafiee Dolatabadi from Sensirion explore the benefits of Sensirion’s SFM6000 Flow Meter and SFC Flow Controller. They examine how these solutions can be used in a variety of applications and how you can get started using these technologies for your next design.
Click here for more information about Sensirion SFC6000D Mass Flow Controllers
Jan 17, 2024
14,278 views