Synopsys Seeker

Seeker® by Synopsys, an interactive application security testing (IAST) solution, gives users visibility into web app security posture and identifies vulnerability trends against compliance standards (e.g., OWASP Top 10, PCI DSS, GDPR, CAPEC, and CWE/SANS Top 25). Seeker enables security teams to identify and track sensitive data to ensure that it is handled securely and not stored in log files or databases with weak or no encryption. Seeker’s integration into CI/CD workflows aims to enable fast interactive application security testing at DevOps speed.

Seeker can identify security vulnerabilities and also determine whether a security vulnerability (e.g., XSS or SQL injection) can be exploited, thus providing developers with a risk-prioritized list of verified vulnerabilities to fix in their code immediately. Using patented methods, Seeker processes hundreds of thousands of HTTP(S) requests, identifies vulnerabilities, to reduce false positives to near zero. This enables security teams to focus on actual verified security vulnerabilities first, to improve productivity and reduce business risk.