Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Development

    Synopsys Launches Polaris Software Integrity Platform

    By
    SEAN MICHAEL KERNER
    -
    February 25, 2019
    Share
    Facebook
    Twitter
    Linkedin
      Synopsys Polaris

      Synopsys is bringing together its software integrity assets in a new offering aimed at helping organizations improve code quality, security and assurance.

      The Polaris Software Integrity Platform is being formally announced by Synopsys on Feb. 25, with the company planning on showcasing the new technology at the RSA Conference in San Francisco, which runs from March 4-8.  With Polaris, Synopsys is bringing together multiple technologies and product lines it already has into an integrated offering to help organizations with the entire developer and operations workflow, identifying code defects and security issues as well as providing risk reporting capabilities.

      “Polaris is really more than the sum of its parts, though under the hood it has the Coverity, Black Duck and Seeker engines,” Andreas Kuehlmann, general manager of the Synopsys Software Integrity Group, told eWEEK. “What we are working on now is synergy between the different technologies.”

      Synopsys has been growing its Software Integrity Group portfolio over the last five years with multiple acquisitions. Back in March 2014, Synopsys acquired static code analysis vendor Coverity and has steadily improved the technology in the years since then. In May 2015, Synopsys acquired the Seeker interactive application security testing (IAST) technology from Quotium. In November 2016, Synopsys acquired privately held security companies Cigital and Codiscope.  In November 2017, Synopsys acquired Black Duck Software for $565 million, providing software composition analysis capabilities that are used to help organizations understand and secure applications.

      Kuehlmann said that in Polaris the different software integrity technologies are brought together with a uniform reporting and user experience. He explained that the integration will, for example, enable Coverity static analysis technology to inform the Black Duck engine if there is a vulnerability in a piece of code and if that vulnerability can be exploited.

      “Part of the strategy is really that the different technologies help each other,” Kuehlmann said.

      Overall, Kuehlmann said Polaris is all about helping organizations improve the entire software development lifecycle. That begins at the IDE (Integrated Development Environment) level where developers are coding, and includes the CI/CD (continuous integration/ continuous deployment) DevOps workflow as well as staging and product environments.

      How Polaris Works

      Polaris consists of several components, with a central server at the core. Kuehlmann explained that the Polaris central server plugs into a CI/CD workflow such that it is an integrated part of the process every time a developer triggers a build or pushes something from a staging environment into production.

      Another core element of Polaris is the Code Sight IDE plugin that integrates with a developer’s coding workflow in an interactive and integrated approach. 

      “The moment you save the file in the IDE, Coverity kicks off in the background and populates your screen with anything it finds,” he said. “The outcome is that a developer can actually fix the majority of the defects earlier in the process when they are coding.”

      Consolidated Risk Reporting

      With the integrated backend technologies for different types of software analysis, Polaris also enables consolidated risk reporting.

      “What a risk-based approach really means is you need to find a way to holistically look at your application portfolio and be able to prioritize the different findings and among the different applications,” Kuehlmann said.

      Kuehlmann explained that Polaris provides an integrated view for risk from its own technologies, and is also set to be open to other integrations to provide a broader viewpoint. He said that the plan is to enable Polaris to be an open platform that will be able to integrate with multiple components.

      “We see Polaris as an open platform that not only uses our technology and can integrate with other technologies, but also as a platform where we look at security as well as quality, service and compliance,” he said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×