The Synopsys Software Integrity Group is now Black Duck®. If you are an existing Code Sight™ user, please follow these instructions to manually re-install Code Sight in order to receive future updates. If you are a new user, you may proceed with installing Black Duck Code Sight. Note: Support for Code Sight in VS 2017 has been deprecated as of the 2024.3.0 release and we plan to stop supporting VS 2017 in a future release. If this impacts your team, we want to hear from you so please contact us right away. Note: Click here for Code Sight for Visual Studio 2019 and Code Sight for Visual Studio 2022 Code Sight for Visual Studio 2022 v15.8+The Black Duck® Code Sight™ extension helps you find and fix security and quality issues in your software while you code. It can quickly identify vulnerabilities in both source code and open source dependencies, and help you fix them right in the IDE. Once the issues have been identified, Code Sight provides detailed remediation guidance and access to training directly in the IDE to help you quickly fix issues today and write better code going forward. Code Sight uses integrated, lightweight analysis of your code and open-source dependencies without requiring a heavyweight Static Analysis (SAST) or Software Composition Analysis (SCA) tool. Code Sight can be used as a standalone extension for secure development (free trial available) or included with active subscriptions to other Black Duck Application Security Testing (AST) solutions. Code Sight Extension for Black Duck SCA, Coverity, the Polaris Platform, and Software Risk ManagerExtend the capabilities of your Black Duck tools to the developer desktop Users subscribing to the Polaris Software Integrity Platform®, Software Risk Manager (formerly Code Dx), or Coverity® SAST can leverage the rapid, lightweight Code Analysis and Open Source Analysis for free, directly within the IDE. Users subscribing to Coverity® SAST or Black Duck® SCA can leverage the rapid analysis for free, as well as additional analysis capabilities enabled by their solution. After you install the Code Sight extension, simply select the solution(s) for which you have an active license (e.g., Coverity, Black Duck SCA, the Polaris platform, Software Risk Manager) to use Code Sight with these solutions. Code Sight Free TrialSign up for a free trial of Code Sight and get started in only a couple of minutes. Sign-up for the trial directly within the extension and start scanning code in less than five minutes. Contact us if you have any license or product questions. Using Code SightFollow these simple steps to use the Code Sight IDE extension to analyze your projects:
For more information on connecting Code Sight to other Black Duck AST solutions or to learn more, please refer to: Tech SpecsCode Sight can scan large projects and development artifacts in seconds, including:
Code Sight will alert you to any detected issues, including:
Code Sight provides helpful risk insight, including:
License TermsBy downloading this extension, you are agreeing to the Black Duck End User License Agreement. Users with active commercial licenses for Coverity, Black Duck SCA, the Polaris platform, or SRM can also use Code Sight free of charge. Resources |