Synopsys fAST Dynamic enables DevOps teams to fix security vulnerabilities in modern web apps
Synopsys released Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform.
fAST Dynamic enables development, security, and DevOps teams to find and fix security vulnerabilities in modern web applications without impeding development velocity. fAST Dynamic features a simplified onboarding and configuration experience, smart attack execution, and an innovative analysis engine designed for DevSecOps workflows.
Synopsys fAST Dynamic, which is built on the innovative scanning technology acquired from WhiteHat Security, complements the fAST Static and fAST SCA capabilities introduced on the Polaris platform in 2023. Together they enable development and security teams to address vulnerabilities in proprietary source code, open source dependencies, and application behavior through a single fully integrated application security testing solution.
Underpinned by modern cloud architecture and scalable multi-tenant SaaS delivery, Polaris makes it easy for developers to onboard and start scanning in minutes while enabling security teams to track testing activities and manage risk across thousands of applications.
“Dynamic analysis is an essential technology for securing modern web applications, but legacy DAST tools can be too slow and difficult to use in fast-paced development environments,” said Jason Schmitt, GM of the Synopsys Software Integrity Group.
“With fAST Dynamic, we have evolved the powerful and accurate scanning technology from Whitehat Security to create a solution designed for the speed of modern development. Synopsys fAST Dynamic enables DevOps teams to scan their applications quickly and accurately, eliminating the need for time-consuming configuration and triage efforts which are often required with legacy tools. With the addition of fAST Dynamic, Polaris customers can orchestrate rapid static, SCA, and dynamic scans through a unified SaaS platform, enabling them to simplify and accelerate their DevSecOps workflows,” added Schmitt.
Synopsys fAST Dynamic is designed to support rapid DevSecOps workflows with features that include:
Simplified onboarding and configuration: fAST Dynamic allows users to initiate scans in seconds with a few simple steps, removing the need for intricate configuration settings or extensive technical security knowledge. Scans can be triggered from the user interface or the Polaris API. This capability makes dynamic testing accessible to a broad range of teams, including developers and DevOps engineers.
Smart attack execution: fAST Dynamic leverages its deep understanding of modern frameworks and technologies to intelligently navigate and analyze web applications, ensuring comprehensive test coverage. This advanced capability allows for a seamless testing experience that requires minimal user input and no specialized expertise, setting a new standard in detecting vulnerabilities with unmatched accuracy and efficiency.
Innovative analysis engine: fAST Dynamic is optimized to efficiently target critical and high-impact vulnerabilities, delivering fast and accurate scan results while minimizing false positives and unnecessary noise. Due to the speed and accuracy of its analysis engine, development and DevOps teams can integrate fAST Dynamic directly into their automated CI/CD pipelines.
Synopsys fAST Dynamic will be generally available on the Polaris platform in April and can be purchased as a stand-alone offering or together with fAST Static and fAST SCA.