Are your developers effectively testing for and fixing security
vulnerabilities early in the software development lifecycle (SDLC)?
Coverity and NT OBJECTives recently announced the first interactive
application security testing (IAST) solution that developers will
actually want to use. Other solutions were built as add-on security
solutions that plug-into an existing developer environment, whereas our
solution was built on the most popular existing developer platform,
already widely in use by developers to address both non-security and
We are happy to announce our partnership with Coverity and the general availability the first Interactive Application Security Testing (IAST) solution to be built on a “developer-ready” platform. With this integration, the results from NTO’s Dynamic Application Security Testing (DAST) solution, NTOSpider, are integrated into the development workflow of Coverity’s Static Application Security Testing (SAST) solution and then automatically correlated, enabling security teams to find and fix security defects earlier in the lifecycle and improving collaboration between security and development teams.
The NT OBJECTives and Coverity combined solution is:
Fully integrated into existing development workflow
Built in a language developers already understand
Enables developers to quickly and efficiently remediate security defects
Empowers developer to address and prioritize defects as code is written
Correlated results of an XSS vulnerability
The benefits of our IAST solution are:
Higher Results Confidence: By integrating NTOSpider with the Coverity Development Testing Platform, we’re enhancing our already highly accurate analysis by combining the detection of a potential vulnerability found through SAST, with verification through a real-time exploit attempt provided by DAST. The combined solution determines whether the vulnerability is real and where in the code is located.
Comprehensive Analysis From Two Perspectives: By combining the Coverity Development Testing Platform with NTOSpider, our customers know they are leveraging two state-of-the-art solutions to achieve maximum application coverage.
Increased Efficiency: Developers prioritize vulnerabilities quickly and easily from a single pane of glass and unified workflow.
Improved Collaboration between Security and Development: By combining results into one solution that developers already use, security and development teams can improve communication, prioritization and remediation efforts around security vulnerabilities.