Synopsys Recognized as a Leader in Software Composition Analysis by Independent Research Firm
MOUNTAIN VIEW, Calif., Aug. 19, 2021 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced it has been recognized as a leader in The Forrester Wave™: Software Composition Analysis, Q3 2021. The report identifies the 10 most significant vendors in the software composition analysis (SCA) market and evaluates them against 37 criteria grouped into three high-level categories: current offering, strategy, and market presence. Synopsys' Black Duck SCA solution received the highest score among all 10 vendors in the strategy category and ranked second in the market presence category.
The report states: "Unfortunately, as firms increasingly rely on external components, they expose themselves and their customers to greater risk when those components include critical vulnerabilities or don't conform to company policies." The report goes on to suggest that SCA customers should look for providers that "address risks in a wide range of nonproprietary components… advise developers on how to remediate vulnerabilities, license risks, and stale code…[and] analyze and bolster the software supply chain."
Within the current offering category, Synopsys received among the top scores in the vulnerability identification criterion and the second highest score in the policy management criterion. According to the report, "Synopsys's vulnerability detection capabilities are among the strongest in this Forrester Wave, and they are one of the few vendors in this Forrester Wave that conducts snippet analysis to identify potential license and copyright violations, a technique that several of their top competitors have dropped. Customer references appreciated the accuracy: 'If Black Duck is reporting something as a problem, it's a problem.' References also rated Synopsys highly for vulnerability remediation guidance and prioritization."
Within the strategy category, Synopsys received the highest scores possible in three of the six criteria: product vision, market approach, and corporate culture. The Forrester report notes that "Synopsys stands out for analysis depth and AST vision. Synopsys envisions embedding the full range of application security testing (AST) tools into developer workflows and tools so that development teams can uniformly prioritize and remediate flaws across proprietary, open source, and third-party components. The company's SCA roadmap centers on developer enablement and the concept of intelligent progressive analysis: conducting different levels of analysis at different stages of the SDLC, depending on the need."
"We're proud to be recognized by Forrester as a leader in this SCA evaluation," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "Software composition and supply chain risk are now top of mind issues for development and security teams, and Synopsys continues to lead the way with a powerful combination of accuracy, performance and scale. Our vision of frictionless identification of all types of software risk throughout the SDLC delivers a seamless experience for developers and a proactive, prioritized view of risk for security teams."
Download a complimentary copy of The Forrester Wave™: Software Composition Analysis, Q3 2021.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle. Learn more at www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world's 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.
Mark Van Elderen
SOURCE Synopsys, Inc.