{"id":57579,"date":"2019-08-29T08:26:47","date_gmt":"2019-08-29T16:26:47","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/devops\/?p=57579"},"modified":"2019-08-29T09:47:04","modified_gmt":"2019-08-29T17:47:04","slug":"enabling-devsecops-with-synopsys-and-microsoft","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/enabling-devsecops-with-synopsys-and-microsoft\/","title":{"rendered":"Enabling DevSecOps with Synopsys and Microsoft"},"content":{"rendered":"<p><strong><em>This article was contributed by Ed Wong, Business Development Director at Synopsys<\/em><\/strong><\/p>\n<p>Since 2014, the strategic partnership between Microsoft and <a href=\"https:\/\/www.synopsys.com\/software-integrity\/partners\/cloud\/microsoft.html\">Synopsys<\/a> has enabled development teams to write better, more secure code before it is released to production. With our integrations, development teams can easily manage risks throughout the Software Development Life Cycle (SDLC) by using Synopsys\u2019 industry-leading application security testing solutions in Microsoft&#8217;s DevOps solutions, including <a href=\"https:\/\/azure.com\/devops\">Azure DevOps<\/a> and <a href=\"https:\/\/visualstudio.microsoft.com\/vs\/\">Visual Studio<\/a>.<\/p>\n<p>In the cloud computing era, Synopsys and Microsoft have extended this collaboration further, providing developers a clear solution for security and quality in cloud software\u2014whether internally developed, from a third party, or open source. Synopsys and Microsoft deliver security to DevOps with these <a href=\"https:\/\/www.synopsys.com\/software-integrity\/partners\/cloud\/microsoft.html\">joint integrations<\/a>:<\/p>\n<ul>\n<li><strong>Synopsys Detect for Azure DevOps<\/strong> supports native scanning in Azure DevOps for static code analysis (SAST) and open source software detection (SCA). \n<ul>\n<li>Run Coverity SAST as part of your build pipeline to identify security and quality issues. <\/li>\n<li>Invoke Black Duck SCA to perform a component scan during the build pipeline. <\/li>\n<li>View comprehensive Coverity SAST and Black Duck SCA scan results to identify and prioritize any software issues. <\/li>\n<\/ul>\n<\/li>\n<li><strong>Code Sight for Visual Studio<\/strong> enables developers to find bugs and quality defects inline while coding. <\/li>\n<li><strong>Black Duck for Visual Studio<\/strong> identifies security and license compliance issues for open source packages. <\/li>\n<li><strong>Seeker for Azure DevOps<\/strong> monitors web app interactions in the background during functional, quality assurance, and user acceptance testing to quickly process hundreds of thousands of web application requests, providing real-time web vulnerability results with higher accuracy than traditional dynamic scanning tools. <\/li>\n<\/ul>\n<p>By tightly integrating the Synopsys suite of application security solutions with Azure DevOps and Visual Studio, development teams can secure all application code\u2014regardless of where it\u2019s built or deployed.<\/p>\n<p><img decoding=\"async\" width=\"882\" height=\"361\" src=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2019\/08\/word-image-1.png\" class=\"wp-image-57581\" srcset=\"https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2019\/08\/word-image-1.png 882w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2019\/08\/word-image-1-300x123.png 300w, https:\/\/devblogs.microsoft.com\/devops\/wp-content\/uploads\/sites\/6\/2019\/08\/word-image-1-768x314.png 768w\" sizes=\"(max-width: 882px) 100vw, 882px\" \/><\/p>\n<h2>Synopsys + Microsoft = Secure DevOps for Azure Customers<\/h2>\n<p>The partnership between Synopsys and Microsoft delivers a seamless, integrated toolset to build and deploy secure apps faster. Synopsys solutions can be deployed on-premises or in Azure, and can be invoked from Azure DevOps (including <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/devops\/server\/\">Azure DevOps Server<\/a>), and other CI\/CD tools.<\/p>\n<p>By using Synopsys\u2019 industry-leading application security testing solutions, developers can automate security in their Microsoft ecosystem, while maintaining productivity and managing risk in the SDLC.<\/p>\n<h2>Learn more in our free webinar<\/h2>\n<p>Interested in learning more about our partnership to build and deploy secure apps in the cloud?<\/p>\n<p>Synopsys and Microsoft are organizing a <strong>joint webinar \u201c<em>Automating Pipeline Security With Synopsys and Azure DevOps<\/em>\u201d on September 12, 2019 at 12:00 pm EDT<\/strong>, with Sasha Rosenbaum (<a href=\"https:\/\/twitter.com\/DivineOps\">@<\/a><a href=\"https:\/\/twitter.com\/DivineOps\">DivineOps<\/a>) and Tomas Gonzalez (<a href=\"https:\/\/twitter.com\/SW_Integrity\">@<\/a><a href=\"https:\/\/twitter.com\/SW_Integrity\">SW_Integrity<\/a>). <a href=\"https:\/\/www.brighttalk.com\/webcast\/13983\/368700\">Sign up today for free<\/a>.<\/p>\n<p>You can also meet Synopsys at Booth 1801 at <a href=\"https:\/\/www.microsoft.com\/en-us\/ignite\">Microsoft Ignite<\/a>, November 4\u20138 in Orlando, Florida.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Integration between Synopsys and Microsoft enables developers to build secure software faster\u2014putting the \u201cSec\u201d in DevSecOps. Learn more in our free webinar!<\/p>\n","protected":false},"author":849,"featured_media":57580,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[224],"tags":[],"class_list":["post-57579","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure"],"acf":[],"blog_post_summary":"<p>Integration between Synopsys and Microsoft enables developers to build secure software faster\u2014putting the \u201cSec\u201d in DevSecOps. Learn more in our free webinar!<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/57579","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/849"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=57579"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/57579\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/57580"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=57579"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=57579"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=57579"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}