• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Microcontroller Tips

Microcontroller engineering resources, new microcontroller products and electronics engineering news

  • Products
    • 8-bit
    • 16-bit
    • 32-bit
    • 64-bit
  • Applications
    • 5G
    • Automotive
    • Connectivity
    • Consumer Electronics
    • EV Engineering
    • Industrial
    • IoT
    • Medical
    • Security
    • Telecommunications
    • Wearables
    • Wireless
  • Learn
    • eBooks / Tech Tips
    • EE Training Days
    • FAQs
    • Learning Center
    • Tech Toolboxes
    • Webinars/Digital Events
  • Resources
    • Design Guide Library
    • DesignFast
    • LEAP Awards
    • Podcasts
    • White Papers
  • Videos
    • EE Videos & Interviews
    • Teardown Videos
  • EE Forums
    • EDABoard.com
    • Electro-Tech-Online.com
  • Engineering Training Days
  • Advertise
  • Subscribe

Security testing software development tool analyzes open source, proprietary code

March 3, 2020 By Aimee Kalnoskas Leave a Comment

Code Sight IDE pluginSynopsys, Inc. announced that on Feb. 18 it will release a major update to the Polaris Software Integrity Platform to extend its static application security testing (SAST) and software composition analysis (SCA) capabilities to the developer’s desktop through the native integration of the Code Sight IDE plugin. These capabilities, the first of their kind, will enable developers to proactively find and fix both security weaknesses in proprietary code and known vulnerabilities in open source dependencies simultaneously, without leaving their interactive development environment (IDE).

Synopsys will showcase these new capabilities at RSA Conference 2020, Booth S-1135, in San Francisco on Feb. 24–28. To receive a complimentary RSA Expo Pass, register using code XS0USYNOP.

Key features

  • Building on the Code Sight SAST capabilities first introduced in 2019, this release introduces the ability to analyze declared and transitive open source dependencies, flagging components with known security issues alongside SAST findings in the IDE.
  • With the new SCA capabilities, developers can review known vulnerabilities of flagged components to verify the risk and determine remediation options, all without leaving the IDE.
  • The Code Sight plugin provides vulnerability information from Black Duck Security Advisories (BDSAs), researched by Synopsys, as well as public CVE records from the National Vulnerability Database (NVD).
  • BDSAs provide developers with more timely, accurate, and thorough risk and remediation information than is available in the NVD, helping them find and fix vulnerabilities faster and more effectively than other solutions.
  • The Code Sight plugin also helps developers quickly identify and select the best fix for vulnerabilities by providing detailed remediation guidance, directing them to more secure component versions. Developers can then implement fixes at once, without interrupting their workflow or leaving the IDE.
  • In addition to vulnerability information, the Code Sight plugin provides other information developers can use to optimize component selection, including open source license risks and potential security and license compliance violations of the organization’s predefined open source policies.

 

Filed Under: Applications, Security, Software Tagged With: synopsysinc

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Featured Contributions

Five challenges for developing next-generation ADAS and autonomous vehicles

Securing IoT devices against quantum computing risks

RISC-V implementation strategies for certification of safety-critical systems

What’s new with Matter: how Matter 1.4 is reshaping interoperability and energy management

Edge AI: Revolutionizing real-time data processing and automation

More Featured Contributions

EE TECH TOOLBOX

“ee
Tech Toolbox: 5G Technology
This Tech Toolbox covers the basics of 5G technology plus a story about how engineers designed and built a prototype DSL router mostly from old cellphone parts. Download this first 5G/wired/wireless communications Tech Toolbox to learn more!

EE Learning Center

EE Learning Center

EE ENGINEERING TRAINING DAYS

engineering
“bills
“microcontroller
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for EE professionals.

DesignFast

Design Fast Logo
Component Selection Made Simple.

Try it Today
design fast globle

Footer

Microcontroller Tips

EE World Online Network

  • 5G Technology World
  • EE World Online
  • Engineers Garage
  • Analog IC Tips
  • Battery Power Tips
  • Connector Tips
  • DesignFast
  • EDA Board Forums
  • Electro Tech Online Forums
  • EV Engineering
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips

Microcontroller Tips

  • Subscribe to our newsletter
  • Advertise with us
  • Contact us
  • About us

Copyright © 2025 · WTWH Media LLC and its licensors. All rights reserved.
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media.

Privacy Policy