Synopsys Updates Coverity With Enhanced Analysis Capabilities

Today’s topics include Synopsys improving its Coverity Static Application Security Testing technology, and startup Sonrai introducing its Cloud Data Control Service.

Synopsys announced on Jan. 15 that a new version of its Coverity Static Application Security Testing technology is now available, providing organizations with enhanced software vulnerability analysis capabilities. Static analysis is an approach where code is examined for risks and vulnerabilities before operating in a runtime environment.

With the Coverity 2018.12 update, organizations can examine code faster than in previous versions of Coverity, thanks to multiple enhancements including newer languages and frameworks. One of the key new capabilities is a feature that enables static code analysis without build.

Synopsys has also expanded Coverity to enable broader scanning for more vulnerability types across a variety of programming languages.

Startup Sonrai Security officially launched on Jan. 15, introducing its Cloud Data Control Service in an effort to improve security for enterprise data assets stored across multiple clouds.

The Sonrai Cloud Data Control Service provides multiple features to help organizations improve security, including discovery of data assets as well as classification capabilities. The platform also helps organizations meet compliance mandates by identifying areas of risk and potential compliance violations.

Going a step further, Cloud Data Control also provides API-level integration to help enable and protect DevOps workflows.

According to Brendan Hannigan, co-founder of Sonrai Security, "We've essentially built a service which provides a complete risk model of all identity and data relationships, including movement and activity, across each cloud provider account and third-party data stores. We do it to help our customers identify unusual activity which could be surreptitious or it could just be mistakes that cause data to be lost."