MOUNTAIN VIEW, Calif., Dec. 12, 2017 /PRNewswire/ — Synopsys, Inc. (Nasdaq: SNPS) today announced it has been positioned as a leader in The Forrester Wave™: Static Application Security Testing, Q4 2017. The reportprovides an in-depth analysis evaluating the 10 most significant vendors in static application security testing (SAST). The Synopsys Static Analysis (Coverity^®) solution received the highest scores in the current offering and strategy categories. Within the current offering category, Synopsys also received the highest scores in the criteria of rule management and software development life cycle (SDLC) integration.

“We’re proud to have Forrester recognize Synopsys as a leader in SAST,” said Andreas Kuehlmann, general manager of the Synopsys Software Integrity Group. “As the foundational component of our Software Integrity Platform, the Synopsys Static Analysis solution has not only continued to deliver the value customers expect from an enterprise SAST tool— but it has also evolved to address emerging trends in software like the shift to more rapid and iterative development workflows and the increasingly diverse ecosystem of programming languages, frameworks, and toolchains.”

According to the Forrester Wave report, “Synopsys provides SAST scanning capabilities for use early in the SDLC. Synopsys Static Analysis (formerly Synopsys Coverity) is the company’s traditional SAST scanning tool, and SecureAssist provides on-the-fly scanning inside the IDE. Synopsys Static Analysis helps users view the impact of rule changes by displaying a comparison of results before and after the change without requiring a new scan… Synopsys Static Analysis stands out for its strong rule management and SDLC integration.”

The Forrester Wave report also states, “Security pros need SAST tools to enable developers.  Companies have traditionally used SAST tools late in the software development life cycle (SDLC) to scan products for vulnerabilities in proprietary code. Now, SAST vendors are trying to serve new users as security pros demand that their products give developers early remediation advice throughout the SDLC.”

The Synopsys Static Analysis solution, a core component of the Synopsys Software Integrity Platform, has a strong legacy as a development tool for reducing risk and lowering overall project cost by identifying critical defects and security vulnerabilities early in the SDLC. In addition to its accurate and actionable analysis, the Synopsys Static Analysis solution is optimized for use in DevOps environments and CI/CD workflows, with strong integration support for a wide range of development tools.

Download a complimentary copy of the report: The Forrester Wave™: Static Application Security Testing, Q4 2017.

Additional resources

• Read how Synopsys was also named a leader in the 2017 Gartner Magic Quadrant for Application Security Testing.
• Read how Black Duck, which was recently acquired by Synopsys, was named a leader in The Forrester Wave™: Software Composition Analysis, Q1 2017.

About the Synopsys Software Integrity Platform

Synopsys offers the most comprehensive solution for building integrity —security and quality— into the software development lifecycle and supply chain. The Software Integrity Platform unites leading testing technologies, automated analysis, and experts to create a robust portfolio of products and services. This portfolio enables companies to develop personalized programs for detecting and remediating defects and vulnerabilities early in the development process, minimizing risk and maximizing productivity. Synopsys, a recognized leader in Application Security Testing (AST), is uniquely positioned to adapt and apply best practices to new technologies and trends such as IoT, DevOps, CI/CD, and the Cloud. For more information, go to www.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.