Synopsys Launches Software Risk Manager to Simplify Enterprise-Scale Application Security Testing

New Solution Combines Policy-Driven Test Orchestration and Vulnerability Management with Market-Leading AST Engines to Help Teams Maximize AppSec Program ROI

SUNNYVALE, Calif., Aug. 1, 2023 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced the launch of Synopsys Software Risk Manager, a powerful new application security posture management (ASPM) solution. Software Risk Manager enables security and development teams to simplify, align and streamline their application security testing across projects, teams and application security testing (AST) tools. It aligns intelligent policy-driven orchestration and vulnerability management capabilities with the Synopsys Software Integrity Group's market-leading SAST and SCA engines, with broad support for other open-source and commercial AST tools. In combination, Synopsys' ASPM solution delivers an enhanced ability to implement application security consistently across any organization.

"Application security programs need to be effective and efficient at reducing software risk in order to deliver value," said Jason Schmitt, general manager of Synopsys' Software Integrity Group. "Many organizations embracing digital transformation are struggling with the complexity and operational costs of managing their software risk at scale. Synopsys Software Risk Manager provides teams with a holistic view of their application security posture while accelerating time to value and reducing the overall cost of their AppSec programs."

According to Gartner, "Application security posture management analyzes security signals across software development, deployment, and operations to improve visibility, better manage vulnerabilities, and enforce controls. Security leaders can use ASPM to improve application security efficacy and better manage risk."1 

Gartner predicts that by 2026, more than 40% of organizations developing proprietary applications will adopt ASPM to rapidly identify and resolve application security issues.

Software Risk Manager is built on the core technologies of Synopsys' Code Dx and Intelligent Orchestration products, redesigned and enhanced to deliver a comprehensive ASPM solution that enables teams to:

  • Implement policy driven AppSec at scale. Centrally define and enforce universal security policies which specify parameters for test execution and vulnerability management.
  • Unify user experience across disparate application security testing tools. Maximize the value of existing security investments while simplifying resourcing and operations. Improve ability to transition and consolidate tooling across teams.
  • Consolidate vulnerability reporting and management across projects, teams and tools. Obtain a complete picture of security risks that is normalized, deduplicated and prioritized across tools.
  • Simplify AppSec integration and orchestration in development workflows. Integrate security workflows within existing developer toolchains and systems and enable quick onboarding for existing projects and builds.
  • Optimize core application security testing with a single, unified solution. Efficiently deploy, manage and report on core application security testing functions leveraging the same market-leading SAST and SCA engines that power Synopsys offerings.

For more information about Software Risk Manager, read the detailed Synopsys blog post.

1. Gartner, Inc. "Innovation Insight for Application Security Posture Management" by Dale Gardner, Dionisio Zumerle, Manjunath Bhat, May 4, 2023

About the Synopsys Software Integrity Group
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open-source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at

About Synopsys
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at

Editorial Contact:  
Liz Samet
Synopsys, Inc.

SOURCE Synopsys, Inc.