Electronic Design Automation

IDE plugin detects security vulnerabilities in design source code

10 February 2022

Electronic design automation (EDA) vendor Synopsys Inc. has released a standalone version of its Code Sight plugin for integrated development environments (IDEs).

The plugin allows developers to find and fix security defects in source code, open source dependencies, infrastructure-as-code files and more before code is committed.

The software uses Synopsys’ Rapid Scan Static and Rapid Scan SCA technology to run security analysis in the developer’s IDE, avoiding the rework that results when issues are discovered later in the software development lifecycle (SDLC).

The Code Sight software reduces the load on downstream security testing and minimizes rework to fix the issues. The software works independently of centralized security testing tools such as Coverity SAST and Black Duck SCA.

"In the age of modern software development, speed is king and software risk equates to business risk," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "That means developers shoulder a tremendous responsibility in protecting their organizations and they do not have the luxury of time to stop and scan. Equipping them with technology that helps them write more secure code from the outset can dramatically reduce the amount of time spent fixing open source and code security defects later in the SDLC."

To contact the author of this article, email engineering360editors@globalspec.com
