Singapore, @mcgallen #microwireinfo, April 10, 2019 – Synopsys, Inc. (Nasdaq: SNPS) today announced it has been recognized as a leader in The Forrester Wave™: Software Composition Analysis, Q2 2019.
The report identifies the 10 most significant software composition analysis (SCA) providers and evaluates them against 33 criteria which were grouped into three high-level categories: current offering, strategy, and market presence. Synopsys’ Black Duck® SCA solution received the highest possible score in the Software Development Life Cycle (SDLC) integration, policy management, and training criteria and received the top ranking in the Market Presence category. In the report, Forrester notes that the Black Duck solution has “very strong policy management and SDLC integrations and strong proactive vulnerability management.”
“Open source software is the backbone of modern software development and a key enabler of speed, efficiency and innovation,” said Andreas Kuehlmann, co-general manager of the Synopsys Software Integrity Group. “But without vigilance, it can also be the conduit for risk. Through the Black Duck solution, we help our customers embrace the benefits of open source while proactively managing its inherent risk in a seamless, DevOps-friendly experience. We believe that being named a leader by Forrester validates our approach to helping the world build secure, high-quality software faster.”
In the report, Forrester explains that developers “no longer write all of their own code to solve every problem. Instead, they assemble, configure, and automate their code and often rely on common open source components to quickly add application functionality.” The report points out that “these same critical open source components continue to present a risk to businesses.” As a result, SCA has become critical to secure modern application development. Organizations should seek SCA providers that provide actionable remediation guidance, flexible policy management, and out-of-the-box risk reports that meet the needs of both developers and CISOs.
The Black Duck solution provides a comprehensive software composition analysis solution for managing security, quality, and license compliance risk that comes from the use of open source and third-party code in applications and containers. The Black Duck solution gives you unmatched visibility into third-party code, enabling you to control it across your software supply chain and throughout the application life cycle.
Download a complimentary copy of The Forrester Wave™: Software Composition Analysis, Q2 2019.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle. Learn more at www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.