Synopsys Introduces Code Sight Standard Edition to Enable Secure Software Development

Standalone IDE plugin enables developers to detect security vulnerabilities in source code and open source dependencies

MOUNTAIN VIEW, Calif., Feb. 9, 2022 -- Synopsys, Inc. (Nasdaq: SNPS) today announced the general availability of Code Sight™ Standard Edition, a standalone version of the Code Sight plugin for integrated development environments (IDE) that enables developers to quickly find and fix security defects in source code, open source dependencies, infrastructure-as-code files, and more before they commit their code. Code Sight Standard Edition leverages Synopsys' Rapid Scan Static and Rapid Scan SCA technology to provide fast, lightweight application security analysis in the developer's IDE, preventing costly rework caused by issues discovered later in the software development lifecycle (SDLC).

By enabling developers to fix security defects as they are coding, Code Sight Standard Edition reduces the load on downstream security testing and minimizes costly rework to fix issues discovered after developers have moved on to other projects. Code Sight Standard Edition, which is currently available for the Visual Studio Code IDE, works independently of centralized security testing tools like Coverity SAST and Black Duck SCA, which are typically used later in the SDLC. Developers can download and install Code Sight directly from the VS Code Marketplace and start analyzing their code in less than five minutes. Code Sight Standard Edition is available for free for a 30-day trial period.

"In the age of modern software development, speed is king and software risk equates to business risk," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "That means developers shoulder a tremendous responsibility in protecting their organizations and they do not have the luxury of time to stop and scan. Equipping them with technology that helps them write more secure code from the outset can dramatically reduce the amount of time spent fixing open source and code security defects later in the SDLC. However, these benefits can't be achieved if developers are forced to change the way they work or switch back and forth between different tools. Code Sight is unique because it embeds market-leading open source and code analysis technology, optimized for the speed requirements of developers, all directly within the tool they are already using."

Download the Code Sight IDE plugin today or read the blog to learn how Code Sight can proactively improve your application security posture while saving you time and money.

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at www.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at www.synopsys.com.