EDA vendor Synopsys has acquired risk management solution company called Code Dx for undisclosed sum. Northport, New York based Code Dx addition to strengthen Synopsys in offering its customers consolidated risk reporting and prioritization across correlated software vulnerability data produced by Synopsys solutions and more than 75 third-party and open source application security and development products.
Code Dx was already a valued member of the Synopsys Technology Alliance Partner (TAP) program, where Synopsys has worked closely with Code Dx to support their integrations within the Synopsys product portfolio. As a result, customers can use Code Dx's offering in conjunction with Synopsys products immediately.
"The complexity and speed of modern software development requires the use of multiple security testing technologies and rapid testing cycles," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "While robust security testing is vital to securing modern software, it often produces large amounts of vulnerability data that is difficult to manage at speed and at scale. Code Dx enables our customers to optimize and harness the breadth of our application security portfolio, along with third-party tools, by aggregating, correlating, and prioritizing security testing results based on risk."
Synopsys says Code Dx acquisition makes it a first vendor to provide the full spectrum of application security tools and services, including:
A complete suite of industry-leading security testing tools
An intelligent orchestration engine that automatically determines and initiates the appropriate tests for each step in the DevOps workflow
An aggregation, correlation, and prioritization solution for the vulnerabilities identified during testing
Consolidated application security risk reporting across any commercial and open-source application security solutions
Consulting and managed services to align people, process, and technology and address application security risks holistically
The extensibility of Synopsys Intelligent Orchestration and Code Dx enables organizations to build more efficient and effective testing programs while leveraging their current investments in application security testing tools.