"Through the acquisition of Tinfoil Security, Synopsys is expanding its DAST capabilities and adding API security testing capabilities, extending the most comprehensive portfolio of application security and quality testing solutions and further strengthening our technology leadership," said Andreas Kuehlmann, co-general manager of the Synopsys Software Integrity Group.
"Tinfoil Security provides Synopsys with proven DAST technology that can be seamlessly integrated into development and DevOps workflows. Furthermore, Tinfoil Security's innovative API scanning technology addresses an emerging demand in the market and will further differentiate the Synopsys portfolio."
Tinfoil Security's web scanning solution is a next-generation DAST technology that identifies vulnerabilities on web applications and is tightly integrated with DevOps workflows. The Tinfoil Security API Scanner detects vulnerabilities in APIs, including web-connected devices such as mobile backend servers, IoT devices, as well as any RESTful APIs.
According toGartner Research, "API security testing solutions can offer significant benefits by allowing organisations to design more secure and resilient APIs, which in turn enables greater confidence and speed in their deployment.
"Eliminating exploitable vulnerabilities obviously makes it more difficult for attackers to gain access to applications and systems exposed via APIs. Since APIs are a significant emerging attack vector, security testing helps avoid the tangible and intangible costs associated with breaches and other types of security incidents."