Category Archives: Interactive Application Security Testing (IAST)

Build security earlier into the SDLC with NT OBJECTives & Coverity

NTO & Coverity launch interactive application security (IAST)

Are your developers effectively testing for and fixing security
vulnerabilities early in the software development lifecycle (SDLC)?

coverity logo

Coverity and NT OBJECTives recently announced the first interactive
application security testing (IAST) solution that developers will
actually want to use. Other solutions were built as add-on security
solutions that plug-into an existing developer environment, whereas our
solution was built on the most popular existing developer platform,
already widely in use by developers to address both non-security and
security issues.

Join us for a webcast next week, May 2nd, where we’ll show you how Coverity & NT OBJECTives are making it easy to build security into the lifecycle.

Correlated results of an XSS vulnerability
Correlated results of an XSS vulnerability

Unique IAST Solution Combines:

  1. dynamic web scanning (DAST)
  2. source code security scanning (SAST)
  3. source code quality and performance scanning (non-security bugs)

Benefits of Coverity/NT OBJECTives solution

  • Developers More Likely to Use the Solution: Because it integrates with their existing workflow and leverages a tool that they are already using, developers prefer Coverity & NTO’s IAST solution.
  • Fewer False Positives: The correlation of DAST and SAST gives additional context to findings and reduces false positives.
  • Increased Efficiency: Developers can prioritize all security vulnerabilities and software defects quickly and easily from a single pane of glass and unified workflow.

 

coverity logo

NT OBJECTives and Coverity release integrated SAST and DAST

We are happy to announce our partnership with Coverity and the general availability the first Interactive Application Security Testing (IAST) solution to be built on a “developer-ready” platform. With this integration, the results from NTO’s Dynamic Application Security Testing (DAST) solution, NTOSpider, are integrated into the development workflow of Coverity’s Static Application Security Testing (SAST) solution and then automatically correlated, enabling security teams to find and fix security defects earlier in the lifecycle and improving collaboration between security and development teams.

coverity logo

 

Learn more in our upcoming webinar (Register Now: Building Security into Development).

The NT OBJECTives and Coverity combined solution is:

  • Fully integrated into existing development workflow
  • Built in a language developers already understand
  • Enables developers to quickly and efficiently remediate security defects
  • Empowers developer to address and prioritize defects as code is written
Correlated results of an XSS vulnerability
Correlated results of an XSS vulnerability

The benefits of our IAST solution are:

Higher Results Confidence: By integrating NTOSpider with the Coverity Development Testing Platform, we’re enhancing our already highly accurate analysis by combining the detection of a potential vulnerability found through SAST, with verification through a real-time exploit attempt provided by DAST. The combined solution determines whether the vulnerability is real and where in the code is located.

Comprehensive Analysis From Two Perspectives: By combining the Coverity Development Testing Platform with NTOSpider, our customers know they are leveraging two state-of-the-art solutions to achieve maximum application coverage.

Increased Efficiency: Developers prioritize vulnerabilities quickly and easily from a single pane of glass and unified workflow.

Improved Collaboration between Security and Development: By combining results into one solution that developers already use, security and development teams can improve communication, prioritization and remediation efforts around security vulnerabilities.

To learn more: