Synopsys is a global leader in semiconductor design EDA tools and software security testing. The company's Software Integrity Group (now Black Duck) provides application security testing products including Polaris, Coverity (SAST), Black Duck (SCA), and Seeker (IAST). Synopsys also offers cloud-based EDA and semiconductor design services through the Synopsys Cloud platform.
Type: Company Website: synopsys.com Developer Portal: polaris.synopsys.com/developer
The Polaris Software Integrity Platform API provides programmatic access to application security testing orchestration, project management, scan configuration, and issue tracking. Integrates with GitHub, GitLab, Bitbucket, and Azure DevOps.
- Documentation: polaris.synopsys.com/developer/default/documentation
- OpenAPI: openapi/synopsys-polaris-openapi.yml
| Method | Path | Summary |
|---|---|---|
| GET | /portfolios/projects | List Projects |
| GET | /portfolios/projects/{projectId} | Get Project |
| GET | /portfolios/branches | List Branches |
| GET | /jobs/runs | List Scans |
| GET | /jobs/runs/{runId} | Get Scan Run |
| GET | /issues | List Issues |
| GET | /issues/{issueId} | Get Issue |
| POST | /reports | Generate Report |
| GET | /reports/{reportId} | Get Report |
The Synopsys Cloud OpenLink API enables semiconductor vendors to interoperate with Synopsys Cloud for managing product entitlements and license distribution, supporting both synchronous and asynchronous license file delivery.
- Documentation: synopsys.com/cloud/openlink/api.html
- OpenAPI: openapi/synopsys-cloud-openlink-openapi.yml
| Method | Path | Summary |
|---|---|---|
| POST | /entitlements | Get Vendor Entitlements |
| POST | /licenses | Generate License File |
| GET | /licenses/{licenseId} | Download License File |
The Coverity Platform REST API provides programmatic access to static analysis results, project management, and defect tracking.
- Documentation: community.synopsys.com/s/topic/0TO34000000LmwWGAS/rest-api
The Seeker REST API provides access to IAST vulnerability findings, project management, and compliance reporting.
- Documentation: Seeker API Documentation
| File | Description |
|---|---|
| capabilities/shared/polaris.yaml | Polaris API consumed definition |
| capabilities/shared/cloud-openlink.yaml | Cloud OpenLink API consumed definition |
| Capability | Description | Tools |
|---|---|---|
| application-security-testing.yaml | Unified AppSec testing (projects + scans + issues + reports) | 6 tools |
| eda-license-management.yaml | EDA tool license management (entitlements + license generation) | 3 tools |
| Type | File |
|---|---|
| OpenAPI | openapi/synopsys-polaris-openapi.yml |
| OpenAPI | openapi/synopsys-cloud-openlink-openapi.yml |
| Spectral Rules | rules/synopsys-rules.yml |
| JSON Schema | json-schema/synopsys-security-issue-schema.json |
| JSON Structure | json-structure/synopsys-security-issue-structure.json |
| JSON-LD Context | json-ld/synopsys-context.jsonld |
| Vocabulary | vocabulary/synopsys-vocabulary.yml |
| File | Description |
|---|---|
| examples/synopsys-polaris-listIssues-example.json | List security issues response |
| examples/synopsys-cloud-openlink-getEntitlements-example.json | Get license entitlements response |
- Static Application Security Testing (SAST) via Coverity
- Software Composition Analysis (SCA) via Black Duck
- Interactive Application Security Testing (IAST) via Seeker
- DevSecOps Pipeline Integration
- GitHub, GitLab, Bitbucket, Azure DevOps Integration
- CWE and CVE-based Issue Classification
- Security Report Generation (PDF, JSON, CSV)
- EDA Tool License Entitlement Management
- Synchronous and Asynchronous License Delivery
- GitHub Actions Integration
FN: API Evangelist Email: info@apievangelist.com