Synopsys Code Dx Brochure

Synopsys Code Dx enables you to implement DevSecOps in your organisation by automating application security processes throughout the entire SDLC. Our platform automatically determines the appropriate tests to execute at scale (SAST, DAST, SCA, etc.). It then automatically prioritizes your most exploitable vulnerabilities by correlating thousands of results from multiple AppSec tools. As a result, you get a complete picture of risk visibility for your organization’s entire software portfolio from one centralized hub.

Test execution

  • Automatically configures and runs your AppSec tools from a centralized console
  • Automatically selects the best available AppSec tools for your codebase
  • Supports 70+ of the most popular SCA, SAST, DAST, and IAST tools
  • Integrates and scales to move at the speed of DevOps
    – Out-of-the-box integrations with Jira, Jenkins, Visual Studio, Eclipse, and other issue trackers
    – Performance clusters enable ultra-fast correlation and vulnerability prioritization
  • Feeds into a system of record that tracks all AppSec testing activities

Automated prioritisation

  • Automatically identifies and scores vulnerability issues with the Code Dx AppSec Correlation Engine
  • Uses our machine-learning Triage Assistant to identify which vulnerabilities are most critical and recommend them for remediation
  • Prioritises based on compliance standards such as NIST, PCI, HIPAA, DISA, OWASP Top 10
  • Automatically sends high-priority vulnerabilities to developers’ issue trackers (e.g., Jira) for remediation
    – Links to the exact line of code for each defect to be viewed

Risk visibility

  • Provides a 360-degree view of risk for each application: custom code, third-party components, network where software resides
  • Identifies vulnerability risk for your third-party software, custom code, and live deployments
  • Provides correlated risk scores for your code before it is released
  • Maintains a system of record for all the AppSec testing and remediation tasks for each application, throughout its lifetime
  • Covers three attack surfaces: custom code, third-party, network

download button

Application Security Solutions | Synopsys Partner | Contact us
Sign up to our newsletter | Synopsys