Static Analysis (SAST) Synopsys Coverity
Coverity® static application security testing (SAST) helps you build software thatâ€™s more secure, higher-quality, and compliant with standards. Coverity's speed, accuracy, ease of use, and scalability meet the needs of even the largest, most complex environments. Precise, actionable remediation advice and context-specific eLearning help your developers fix defects fast, while seamless integration into your CI/CD pipelines automates testing to maintain development velocity. Choose where and how to do your development: on-premises or in the cloud with Polaris Software Integrity Platform™
Interactive Application Security Testing (IAST) Synopsys Seeker
Seeker monitors web app interactions in the background during normal testing and can quickly process hundreds of thousands of HTTP(S) requests, giving you results in seconds with near-zero false positives--no need to run manual security scans.
Seeker is easy to deploy and scale in your CI/CD development workflows. Native integrations, web APIs, and plugins provide seamless integration with the tools you use for on-premises, cloud-based, microservices-based, and container-based development. You will get accurate results out of the box, without extensive configuration, custom services, or tuning.
Software Composition Analysis (SCA) Synopsys Black Duck
Black Duck provides a comprehensive software composition analysis (SCA) solution for managing security, quality, and license compliance risk that comes from the use of open source and third-party code in applications and containers. Black Duck gives you unmatched visibility into third-party code, enabling you to control it across your software supply chain and throughout the application life cycle.
Dynamic Application Security Testing (DAST) Acunetix WVS
Acunetix will find vulnerabilities in your websites and web APIs. Fix identified security issues to avoid breaches and prevent hazards at the earliest stages of the SDLC.
Fuzz Testing Synopsys Dynamics
Defensics is a comprehensive, versatile, black box fuzzer, meaning it doesn't require source code to run. With Defensics, users can secure their cyber supply chain to ensure the interoperability, robustness, quality, and security of software and devices before introducing them into IT or lab environments.