Overview
Product Information on Synopsys API Scanner (Legacy)
What is Synopsys API Scanner (Legacy)?
Synopsys API Scanner (Legacy) Pricing
Overall experience with Synopsys API Scanner (Legacy)
“Great tool for API threat/vulnerability sec testing, works well for REST and GraphQL API”
“Seamless integration into our development process, helping us produce faster secure code ”
About Company
Company Description
Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it; development and DevSecOps teams to automate testing within development pipelines without compromising velocity; and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
Company Details
Do You Manage Peer Insights at Black Duck?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Synopsys API Scanner (Legacy)
Performance of Synopsys API Scanner (Legacy) Across Market Features
Synopsys API Scanner (Legacy) Likes & Dislikes
Functional validation of the API's is spot on. Infact, minor deviations and combination of common errors are spotted pretty easily. Ability to log and save the specific thread on which vulnerability has been reported. Easy analysis and debugging. Smooth CI/CD implementation. Integrates well with Azure platform. Strong user community with timely support.
1. High level of precision 2. Tool's metrics and the vectors used for vulnerabilities tracking 3. The product is stable, without major hiccups in functionality 4 The product is scalable 5. Good customer support
Easily helps in scanning the variety of features like java script object notation (JSON) based API. Easy to maintain. Cost efficient keeping in mind the breadth of services being offered. Having flexible interfaces along with its architectures helps better understanding of API's.
The list of vulnerabilities covered is sufficient. Auth bypass checks can be improved and all the possible vulnerabilities aren't validated at times. works well with On-prem API's. However, we've seen some challenges integrating and implementing this on the AWS stack based API's.
1. Pretty pricy, being licensed on number of lines of code 2. No free trial options...you need to find workarounds before buying it 3. Initial configuration needs some time as it is not straightforward..so you need support for it
Room to grow in documentation, can provide better documentation/tutorials. No proper awareness about the upgrade when new version has been released. Customer support can be improved can be more interactive and solutioning can be faster.
Top Synopsys API Scanner (Legacy) Alternatives
Peer Discussions
Synopsys API Scanner (Legacy) Reviews and Ratings
- Quality Engineer10B+ USDIT ServicesReview Source
Great tool for API threat/vulnerability sec testing, works well for REST and GraphQL API
Works well with GraphQL and Restful API's. SOAP API's doesn't work. Very good tool to use for Pen Testing phase. Authorization and Authentication vulnerability checks at DB level are straight-forward. Reporting and analysis is comprehensive. - DATA SCIENTIST10B+ USDMiscellaneousReview Source
Synopsys API Scanner - Cost Efficient & Useful threat vector
The Synopsys API scanner has several platform support which helps us to find the threats in terms of security. Best feature it has that the platform can very easily scan through the GIT repository and it shows the detailed metrics and all the results. User interface is very good. It also helps in identifying the security defects on the application programming interfaces along with potential endpoints. - IT Operations Director50M-1B USDBankingReview Source
Seamless integration into our development process, helping us produce faster secure code
My organization use the tool to scan the APIs for any risk or vulnerability in order to understand our posture capabilities way before the initial deployment. It allows us to replay the requests that exploit the vulnerabilities - DECISION ANALYTICS ASSOCIATE CONSULTANT1B-10B USDHealthcare and BiotechReview Source
Synopsys API Scanner Review
The Synopsys API Scanner provides a seamless platform for integrating into the development process which helps us to provide secure and faster code. - pre sales solutions architect50M-1B USDIT ServicesReview Source
A great tool to secure software vulnerabilities at the application layer
A superb testing tool offering great value and features for the full stack, dynamic functionality, support a wide variety of use cases