Cloud-based dynamic analysis offering optimized for modern web applications, DevSecOps workflows
SUNNYVALE, Calif., March 19, 2024 – Synopsys, Inc. (Nasdaq: SNPS) today announced the availability of Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform®. fAST Dynamic enables development, security, and DevOps teams to quickly find and fix security vulnerabilities in modern web applications without impeding development velocity. fAST Dynamic features a simplified onboarding and configuration experience, smart attack execution, and an innovative analysis engine designed for DevSecOps workflows.
Synopsys fAST Dynamic, which is built on the innovative scanning technology acquired from WhiteHat Security, complements the fAST Static and fAST SCA capabilities introduced on the Polaris platform in 2023. Together they enable development and security teams to address vulnerabilities in proprietary source code, open source dependencies, and application behavior through a single fully integrated application security testing solution. Underpinned by modern cloud architecture and scalable multi-tenant SaaS delivery, Polaris makes it easy for developers to onboard and start scanning in minutes while enabling security teams to track testing activities and manage risk across thousands of applications.
“Dynamic analysis is an essential technology for securing modern web applications, but legacy DAST tools can be too slow and difficult to use in fast-paced development environments,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “With fAST Dynamic, we have evolved the powerful and accurate scanning technology from Whitehat Security to create a solution designed for the speed of modern development. Synopsys fAST Dynamic enables DevOps teams to scan their applications quickly and accurately, eliminating the need for time-consuming configuration and triage efforts which are often required with legacy tools. With the addition of fAST Dynamic, Polaris customers can orchestrate rapid static, SCA, and dynamic scans through a unified SaaS platform, enabling them to simplify and accelerate their DevSecOps workflows.”
Synopsys fAST Dynamic is uniquely designed to support rapid DevSecOps workflows with features that include:
- Simplified Onboarding and Configuration: fAST Dynamic allows users to initiate scans in seconds with a few simple steps, removing the need for intricate configuration settings or extensive technical security knowledge. Scans can be triggered from the user interface or the Polaris API. This capability makes dynamic testing accessible to a broad range of teams, including developers and DevOps engineers.
- Smart Attack Execution: fAST Dynamic leverages its deep understanding of modern frameworks and technologies to intelligently navigate and analyze web applications, ensuring comprehensive test coverage. This advanced capability allows for a seamless testing experience that requires minimal user input and no specialized expertise, setting a new standard in detecting vulnerabilities with unmatched accuracy and efficiency.
- Innovative Analysis Engine: fAST Dynamic is optimized to efficiently target critical and high-impact vulnerabilities, delivering fast and accurate scan results while minimizing false positives and unnecessary noise. Due to the speed and accuracy of its analysis engine, development and DevOps teams can integrate fAST Dynamic directly into their automated CI/CD pipelines.
Synopsys fAST Dynamic will be generally available on the Polaris platform in April and can be purchased as a stand-alone offering or together with fAST Static and fAST SCA.
For more information, visit www.synopsys.com/polaris or read the blog post.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that’s best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at www.synopsys.com/software.
About Synopsys
Catalyzing the era of pervasive intelligence, Synopsys, Inc. (Nasdaq: SNPS) delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation. We partner closely with semiconductor and systems customers across a wide range of industries to maximize their R&D capability and productivity, powering innovation today that ignites the ingenuity of tomorrow. Learn more at www.synopsys.com.