Synopsys, Inc. has just recently announced that it has acquired Code Dx, provider of an award-winning application security risk management solution that automates and accelerates the discovery, prioritisation, and remediation of software vulnerabilities. This move by the software giant will allow customers to receive consolidated risk reporting and prioritisation across correlated software vulnerability data produced by Synopsys solutions and more than 75 third-party and open-source application security and development products.
Prior to the acquisition, Code Dx was a valued member of the Synopsys Technology Alliance Partner (TAP) program. As part of that partnership, Synopsys worked closely with Code Dx to support their integrations within the Synopsys product portfolio. As a result, customers can use Code Dx’s offering in conjunction with Synopsys products immediately.
Alongside broadening an already expansive portfolio of security solutions, this acquisition will see an enlargement in the company’s team of R&D engineers as well. In particular, a team experienced in vulnerability correlation and integrating security testing activity across the entire software development pipeline.
“The complexity and speed of modern software development requires the use of multiple security testing technologies and rapid testing cycles,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “While robust security testing is vital to securing modern software, it often produces large amounts of vulnerability data that is difficult to manage at speed and at scale. Code Dx enables our customers to optimize and harness the breadth of our application security portfolio, along with third-party tools, by aggregating, correlating, and prioritizing security testing results based on risk.”
The addition of Code Dx makes Synopsys the first vendor to provide the full spectrum of application security tools and services, including:
- A complete suite of industry-leading security testing tools
- An intelligent orchestration engine that automatically determines and initiates the appropriate tests for each step in the DevOps workflow
- An aggregation, correlation, and prioritization solution for the vulnerabilities identified during testing
- Consolidated application security risk reporting across any commercial and open-source application security solutions
- Consulting and managed services to align people, process, and technology and address application security risks holistically
Learn more at https://www.synopsys.com/software-integrity.