Synopsys Named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for Seventh Consecutive Year
Synopsys Placed Highest in Execution Ability and Furthest in Completeness of Vision Five Years in a Row
MOUNTAIN VIEW, Calif., May 23, 2023 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced it has been named by Gartner, Inc. as a Leader in the "Magic Quadrant™ for Application Security Testing" for the seventh consecutive year.1 In the report, Gartner evaluated 12 application security testing vendors based on their completeness of vision and ability to execute. Synopsys placed highest in ability to execute and furthest on completeness of vision for the fifth year in a row.
Synopsys also received the highest scores for all five Use Cases in the 2023 Critical Capabilities for Application Security Testing, a report that complements the Magic Quadrant and scores the same 12 vendors across these five common use cases: 2
- Cloud-Native Applications
- Mobile and Client
- Software Supply Chain Security
As the speed and complexity of development increases and the occurrence of high-impact application security breaches becomes more frequent, security and development teams are looking to integrate and automate effective application security testing (AST) as part of their software development activities.
According to the authors of the report, "Modern application design, the shift to the cloud and the accelerating adoption of DevSecOps are expanding the scope of the AST market. Security and risk management leaders can meet tighter deadlines and test more complex applications by integrating and automating AST in the software life cycle."
"As recent highly publicized vulnerabilities and software supply chain attacks have shown, application security is both critical and complex," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "To effectively mitigate risks in modern applications and their supply chains, organizations need to employ multiple security testing solutions that are fast, scalable, easy to use and seamlessly integrated into the SDLC. Synopsys has made significant investments over the past year to address these needs, including the acquisition of WhiteHat Security and the release of new cloud-native SAST and SCA services on the Polaris Software Integrity Platform."
"We are honored to be recognized by Gartner as a Leader in Application Security Testing for the seventh consecutive year," Schmitt added. "We believe this acknowledges our vision and ability to execute against evolving market requirements."
Download complimentary copies of the 2023 Magic Quadrant for Application Security Testing and the 2023 Critical Capabilities for Application Security Testing to learn more.
Over the past year, the Synopsys Software Integrity Group has introduced several new offerings and enhancements that have contributed to the business unit's continued growth and leadership:
- WhiteHat Security: Synopsys acquired WhiteHat Security, a leading provider of application security software-as-a-service (SaaS). The addition of WhiteHat Security provides Synopsys with significant SaaS capabilities and market-segment-leading dynamic application security testing (DAST) technology to strengthen what is considered one of the industry's broadest application security testing portfolios.
- Next-Generation Polaris Services: Synopsys announced the general availability of two new Fast Application Security Testing (fAST) services optimized for speed and ease-of-use on Synopsys' Polaris Software Integrity Platform®. Synopsys fAST Static and Synopsys fAST SCA services are built on the same powerful analysis engines at the core of Synopsys' market-leading Coverity® and Black Duck® solutions, integrated and delivered from the cloud via the latest version of Polaris.
- DevOps Integrations: Over the past year, Synopsys has continued to optimize its application security testing solutions for developers and DevSecOps use cases, including enhancements to the Code Sight IDE plugin and a new GitHub Action for seamlessly integrating Coverity, Black Duck and Polaris into continuous integration and continuous delivery (CI/CD) workflows.
- Cloud-Native AppSec: Synopsys enhanced and integrated its Rapid Scan engine across its AppSec portfolio, enabling customers to find security weaknesses and hard-coded secrets in cloud-native technologies like infrastructure-as-code templates, configuration files and APIs. Rapid Scan supports more than 2,300 security checks and is now integrated into Code Sight, Coverity, Black Duck, Seeker and Polaris.
- Software Supply Chain Security: Synopsys introduced several Black Duck enhancements to help customers better understand and manage the security risks in their software supply chains. These enhancements include malicious component detection, simplified remediation for vulnerable transitive dependencies and major improvements in scanning speed and scalability.
- Gartner, Inc. "Magic Quadrant for Application Security Testing" by Mark Horvath, Dale Gardner, Manjunath Bhat, Ravisha Chugh, Angela Zhao, May 17, 2023.
- Gartner, Inc. "Critical Capabilities for Application Security Testing" by Dale Gardner, Mark Horvath, Angela Zhao, Ravisha Chugh, Manjunath Bhat, May 17, 2023.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark, and MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open-source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at www.synopsys.com.
Mark Van Elderen
SOURCE Synopsys, Inc.