
Modern code is not without problems, from not functioning the way developers intended to having vulnerabilities that threat actors can exploit. The old approach of coding apps and leaving cybersecurity to cybersecurity professionals may be over. Coders now have to take on cybersecurity roles and integrate software integrity and security into their coding work. Because coding is already a difficult task, there are tools coders can use to help identify problems and vulnerabilities in their code. Synopsys, a leading vendor in software security and integrity, was recently recognized by leading research firm Forrester in its Forrester Wave report as a leader in static application security testing. Read more below.

SINGAPORE - Synopsys, Inc. (Nasdaq: SNPS) was named a leader in The Forrester Wave™: Static Application Security Testing, Q3 2023. The paper examines the 11 leading static application security testing (SAST) companies on 26 criteria in three high-level categories: Current Offering, Strategy, and Market Presence. Synopsys’ Coverity® SAST solution received the second highest score in the Current Offering category, and tied for the second highest scores in both Strategy and Market Presence categories.

According to the research, SAST solutions help cybersecurity and development leaders detect, prioritize, and resolve security vulnerabilities in proprietary code quickly by integrating seamlessly into developer workflows.

In the Current Offering category, Synopsys scored highest in Detection, among the highest in Product Security, and tied for second in DevSecOps Workflows. In Strategy, Synopsys scored highest in Roadmap, Partner Ecosystem, and Supporting Services and Solutions.

The paper states that Coverity provides developers with native, high-confidence, high-impact scan analysis to maximize actionable outcomes. Scan configuration settings allow practitioners to increase analysis for full coverage and higher false positive tolerance. Software Risk Manager centralizes all scan types and vendor results. The application helps security professionals identify the most important issues in their portfolios and eliminate false positives by filtering by policy, age, predicated status, and ML confidence rating based on triage history. Custom checkers help Coverity maintain an “extremely low false-alarm rate,” according to one customer.

“We’re honored to be recognised by Forrester as a leader in this evaluation,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “With the emergence of DevOps and AI-assisted coding solutions, it is critical that organisations can find and fix vulnerabilities in their proprietary code quickly and at scale, without introducing unnecessary friction into the software delivery cycle. We believe the results of this evaluation reflect our commitment to helping customers build trust in their software—with confidence and at the speed their businesses demand.”