Synopsys Recognized as a Leader in Software Composition Analysis by Independent Research Firm

Synopsys receives among the highest scores in the market presence category and ranks second in the current offering category

MOUNTAIN VIEW, Calif., June 13, 2023 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced it has been recognized as a leader in The Forrester Wave™: Software Composition Analysis, Q2 2023. The report identifies the 12 most significant vendors in the software composition analysis (SCA) market and evaluates them against 32 criteria grouped into three high-level categories: current offering, strategy, and market presence. Synopsys' Black Duck® SCA solution received among the highest scores in the market presence category and ranked second in the current offering category.

The report states: "A staggering 78% of codebases are open source, which leaves a majority of an application's code at risk due to third-party sources. Application security and application development leaders rely on software composition analysis tools to deliver visibility into the security and license risk of open source and third-party libraries. SCA vendors differentiate by not only effectively finding and remediating security and license risk but also leaning into software supply chain use cases, a recent focus of governments and the private sector."

Within the current offering category, Synopsys received the highest scores possible in the SBOM (software bill of materials) management and policy management criteria and tied for the second highest score in the vulnerability identification criterion. Within the strategy category, Synopsys received the highest score possible in the supporting services and offerings criterion.

According to the report, "Black Duck's powerful policy engine boasts more than 40 criteria, including security risk, such as exploitability, fix availability, and reachability; license risk, such as needs review; component attributes, such as direct or transitive dependency; and operational risk, such as number of commits and contributors in the past year and component age. The policy is uniformly enforced in the IDE, pull requests, and pipeline scanning."

"We're honored to be recognized by Forrester as a leader in this evaluation," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "Identifying and managing risk in open-source software components and the broader software supply chain is a critical part of building trust in your software. As a pioneer in software composition analysis with highly differentiated technology and an open-source database that has been developed and enhanced over the past two decades, Black Duck SCA is uniquely positioned to help organizations across all industries secure their software supply chains."

Download a complimentary copy of The Forrester Wave™: Software Composition Analysis, Q2 2023.

About the Synopsys Software Integrity Group
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at www.synopsys.com/software.

About Synopsys
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at www.synopsys.com.

Editorial Contacts:
Mark Van Elderen
Synopsys, Inc.
650-793-7450
mark.vanelderen@synopsys.com

SOURCE Synopsys, Inc.