Synopsys Seeker 2018.07
Synopsys' Seeker 2018.07 interactive application security testing offering has been redesigned to enable DevSecOps and continuous delivery of secure web applications. Seeker monitors web applications during preproduction testing cycles and automatically verifies whether vulnerabilities are exploitable, providing developers with accurate, actionable information in real time.
Seeker enables security teams to identify and track sensitive data such as credit cards numbers, usernames and passwords to ensure that they are handled securely and not stored in log files or databases with weak or no encryption. Sensitive data tracking helps organizations comply with data security regulations such as GDPR.
The tool also provides automatic active verification to confirm that detected vulnerabilities are exploitable, resulting in a near-zero false positive rate. This verification is achieved through patented technology that replays original HTTP(S) requests with tainted parameters and monitors the resulting application data flow.