Electronic design automation company Synopsys Inc. today announced the availability of a new dynamic application security testing offering that is optimized for modern web applications and DevSecOps workflows.

Called Synopsys fAST Dynamic, the new service is built on technology acquired from the company’s acquisition of Whitehat Security in 2022 and has been designed to complement the fAST Static and fAST SCI capabilities on the Synopsys Polaris Software Integrity Platform introduced in 2023.

Synopsys fAST Dynamic allows development and security teams to address vulnerabilities in proprietary source code, open-source dependencies and application behavior through a single fully integrated application security testing solution. Supported by cloud architecture and scalable multitenant software-as-a-service delivery, Synopsys says, Polaris makes it easy for developers to onboard and start scanning in minutes while enabling security teams to track testing activities and manage risk across thousands of applications.

Key features of the service include simplified onboarding and configuration, which allows users to initiate scans in seconds with a few simple steps. Scans can be triggered from the user interface or the Polaris application programming interface, with dynamic testing accessible to teams, including developers and DevOps engineers.

The new service offers “Smart Attack Execution” by leveraging a deep understanding of modern frameworks and technologies to navigate and analyze web applications, ensuring comprehensive test coverage. The capability allows for seamless testing that requires minimal user input and no specialized expertise to detect vulnerabilities with accuracy and efficiency.

Synopsys fAST Dynamic also offers an analysis engine that is optimized to efficiently target critical and high-impact vulnerabilities, which results in fast and accurate scan results while minimizing false positives and unnecessary noise. With the speed and accuracy of the analysis engine, development and DevOps teams can integrate fAST Dynamic directly into their automated continuous integration and continuous delivery pipelines.

“Dynamic analysis is an essential technology for securing modern web applications, but legacy DAST tools can be too slow and difficult to use in fast-paced development environments,” Jason Schmitt, general manager of the Synopsys Software Integrity Group, said ahead of the announcement. “With fAST Dynamic, we have evolved the powerful and accurate scanning technology from Whitehat Security to create a solution designed for the speed of modern development.”

Synopsys fAST Dynamic will be generally available on the Polaris platform in April and can also be purchased as a standalone offering.

Photo: Wikimedia Commons