[Tool Request]: Polaris Software Integrity Platform

Tool or Product name

Polaris Software Integrity Platform

Open Source or Proprietary

proprietary

Company or Organization name

Synopsys

Organization or Company Logo Usage

[X] Already a member of SPDX
[X] Permission to use logo as an SPDX supporter (required if not a member)

Public Contact Email or URL

info@synopsys.com

Product or tool website

https://www.synopsys.com/software-integrity/software-composition-analysis-tools.html

Description

The Polaris Software Integrity Platform® uses its fAST SCA (software composition analysis) engine to help teams manage the security, quality, and license compliance risks that come from using open source and third-party code in applications. Manage software supply chain risks and make software bills of materials (SBOMs) part of the entire app lifecycle.

SPDX Versions supported

[ ] 2.0
[ ] 2.1
[ ] 2.2
[X] 2.3
[ ] 3.0

SPDX verification

Polaris fAST SCA uses the https://github.com/spdx/Spdx-Java-Library to generate SPDX compliant SBOMs.

How to procure

Visit https://www.synopsys.com/software-integrity/polaris.html for more information. Contact us to schedule a demo or with questions at https://www.synopsys.com/software-integrity/contact-sales.html

Installation instructions

The Polaris Software Integrity Platform is a cloud-hosted, as-a-service application security testing (AST) platform. Users may log in, set up SSO, and connect via API and other out-of-the-box SDLC integrations. For more information, review the Polaris documentation at https://sig-product-docs.synopsys.com/bundle/polaris/page/documentation/r_org-how.html

Link to quick start guide

https://sig-product-docs.synopsys.com/bundle/polaris/page/documentation/c_product-overview.html

spdx / outreach