Static Analysis (SAST) Synopsys Coverity
Coverity® static application security testing (SAST) helps you build software that's more secure, higher-quality, and compliant with standards. Coverity's speed, accuracy, ease of use, and scalability meet the needs of even the largest, most complex environments. Precise, actionable remediation advice and context-specific eLearning help your developers fix defects fast, while seamless integration into your CI/CD pipelines automates testing to maintain development velocity. Choose where and how to do your development: on-premises or in the cloud with Polaris Software Integrity Platform™
Interactive Application Security Testing (IAST) Synopsys Seeker
Seeker monitors web app interactions in the background during normal testing and can quickly process hundreds of thousands of HTTP(S) requests, giving you results in seconds with near-zero false positives--no need to run manual security scans.
Seeker is easy to deploy and scale in your CI/CD development workflows. Native integrations, web APIs, and plugins provide seamless integration with the tools you use for on-premises, cloud-based, microservices-based, and container-based development. You will get accurate results out of the box, without extensive configuration, custom services, or tuning.
Software Composition Analysis (SCA) Synopsys Black Duck
Black Duck provides a comprehensive software composition analysis (SCA) solution for managing security, quality, and license compliance risk that comes from the use of open source and third-party code in applications and containers. Black Duck gives you unmatched visibility into third-party code, enabling you to control it across your software supply chain and throughout the application life cycle.
Dynamic Application Security Testing (DAST) Acunetix WVS
Acunetix will find vulnerabilities in your websites and web APIs. Fix identified security issues to avoid breaches and prevent hazards at the earliest stages of the SDLC.
Acunetix integrations are designed to be easy. For example, you can integrate Acunetix scans in your CI/CD pipeline with tools such as Jenkins in just a few steps.
Acunetix also integrates with issue trackers such as Jira, GitLab, GitHub, TFS, Bugzilla, and Mantis. For some issue trackers, Acunetix also offers two-way integration, where the issue tracker may automatically trigger additional scans depending on the issue state.
Acunetix offers its own API that you can use to connect to other security controls and software developed by third parties or in-house. In the case of enterprise customers, Acunetix technical experts will help you integrate the tool within atypical environments.
Fuzz Testing Synopsys Dynamics
Defensics is a comprehensive, versatile, black box fuzzer, meaning it doesn't require source code to run. With Defensics, users can secure their cyber supply chain to ensure the interoperability, robustness, quality, and security of software and devices before introducing them into IT or lab environments.