Built on the same analysis engines as Synopsys' Coverity and Black Duck products, the Polaris fAST Static and fAST SCA services are application security testing (AST) tools integrated and delivered through the most recent version of the Polaris Software Integrity Platform.

Polaris was designed to keep up with the increasing velocity of development and shortening of release cycles so that organizations can remain competitive without compromising the overall security of their products.

Polaris provides organizations with a single SaaS AST solution that offers both static application security testing (SAST) and software composition analysis (SCA). This allows users to locate security risks in their proprietary code as well as open-source dependencies.

The platform also offers flexible configuration, so teams can set Polaris to run different tests at different times based on events such as application, project, schedule, and software development life cycle.

Polaris also provides results in a single view so security issues can be reviewed and prioritized across proprietary code, open-source components, container images, and infrastructure-as-code templates.

Additionally, users gain access to automated vulnerability scanning and assessment so they can test and triage continuously. Polaris can also speed up vulnerability triage and fixes through policies that make teams aware when the vulnerabilities that bring the most risk are detected.

The platform is also geared toward helping security teams manage testing in their organization by providing them with heightened insights.

These insights include: 

  • Vulnerability trends through views that display vulnerability severity and type information so teams can locate AppSec hotspots in portfolios.
  • Test status and performance with a real-time view of both ongoing and completed tests for every project, application, and team.
  • Admin adjustments so that administrators can keep track of configuration changes and organizations can maintain the integrity of test environments.

For more information, read the blog post.