Synopsys Named a Leader in the 2022 Gartner® Magic Quadrant™ for Application Security Testing for Sixth Consecutive Year
Synopsys Consistently Placed Highest in Ability to Execute and Completeness of Vision Four Years in a Row
MOUNTAIN VIEW, Calif., April 21, 2022 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS), today announced it has been named by Gartner, Inc. as a Leader in the "Magic Quadrant for Application Security Testing" for the sixth consecutive year.1 In the report, Gartner evaluated 14 application security testing vendors based on their Completeness of Vision and Ability to Execute. Synopsys placed highest in Ability to Execute and Completeness of Vision for the fourth year in a row.
As the speed and complexity of development increases and the occurrence of high-impact application security breaches becomes more frequent, security and development teams are looking to integrate and automate security testing as part of their software development activities.
According to the authors of the report, "Gartner continues to observe that the major driver in the evolution of the AST market is the need to support enterprise DevSecOps and cloud-native application initiatives. Customers require offerings that provide high-assurance, high-value findings, while not unnecessarily slowing down development efforts. Clients expect offerings to fit earlier into the development process, with testing often driven by developers, rather than security specialists. As a result, this market evaluation focuses heavily on the buyer's needs involving support of rapid and accurate testing for various application types, capable of integration in an increasingly automated fashion throughout software delivery workflows."
"Recent high-profile vulnerabilities and software supply chain attacks have highlighted that managing software risk is becoming increasingly complex," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "Organizations need a variety of integrated and interoperable application security solutions to address risks across the SDLC and the broader software supply chain—solutions that help them prioritize their remediation efforts while maintaining the velocity of their development workflows. We have made significant investments in these areas over the past year, including the release of new Rapid Scan capabilities for Coverity SAST and Black Duck SCA, the launch of Code Sight Standard Edition, a standalone version of our IDE plugin for developer-driven testing, and the acquisition of Code Dx, an open platform that helps security and development teams correlate and prioritize security findings across their AST tool portfolio. We believe our continued recognition by Gartner as a Leader in application security testing validates our strategy and ability to address the evolving needs of the market."
Download a complimentary copy of the 2022 Gartner Magic Quadrant for Application Security Testing to learn more.
Over the past year, the Synopsys Software Integrity Group has announced several new offerings and initiatives that have contributed to the business's growth and momentum:
- In June of 2021, Synopsys acquired Code Dx, the provider of an award-winning application security risk management solution that automates and accelerates the aggregation, correlation, deduplication, and prioritization of software vulnerabilities from Synopsys' broad portfolio of solutions as well as more than 100 third-party commercial and open source products. Code Dx provides consolidated risk reporting that creates a system of record for application security testing and enables a unique view into the risk associated by an organization's software.
- In July of 2021, Synopsys announced the availability of new Rapid Scan capabilities within the company's Coverity® static application security testing (SAST) and Black Duck® software composition analysis (SCA) solutions. The Rapid Scan features provide fast, lightweight vulnerability detection for both proprietary and open source code. Rapid Scan is optimized for the early stages of development, particularly for cloud-native applications and infrastructure-as-code (IaC).
- In February of 2022, Synopsys announced the general availability of Code Sight™ Standard Edition, a standalone version of the Code Sight plugin for integrated development environments (IDE) that enables developers to quickly find and fix security defects in source code, open source dependencies, infrastructure-as-code files, and more before they commit their code.
- In October of 2021, Synopsys enhanced its Black Duck® software composition analysis solution to address customers' emerging needs around software supply chain security. The enhancements enable Black Duck customers to produce a software bill of materials (SBOM) in the standardized SPDX 2.2. format approved by NIST, a capability that is increasingly important for software vendors looking to comply with Executive Order 14028.
- Synopsys continues to invest in its "partner first" go-to-market approach by expanding its global channel partner network and enhancing the benefits and operational support in its partner program to better serve the channel. As a result, Synopsys has experienced significant growth and momentum in indirect sales through an expanded ecosystem of resellers, managed service providers, system integrators and consulting firms providing solutions and services to our customers. Synopsys recently received a 5-star rating in the 2022 CRN Partner Program Guide.
1. Gartner, Inc. "Magic Quadrant for Application Security Testing" by Dale Gardner, Mark Horvath, and Dionisio Zumerle, April 18 , 2022.
GARTNER and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at www.synopsys.com.
Mark Van Elderen
SOURCE Synopsys, Inc.