Synopsys Acquires Code Dx
June 08, 2021

Synopsys has acquired Code Dx, a provider of an application security risk management solution that automates and accelerates the discovery, prioritization, and remediation of software vulnerabilities.

The addition of Code Dx enables Synopsys to offer customers consolidated risk reporting and prioritization across correlated software vulnerability data produced by Synopsys solutions and more than 75 third-party and open source application security and development products. Headquartered in Northport, New York, the acquisition also adds a team of R&D engineers experienced in vulnerability correlation and integrating security testing activity across the entire software development pipeline.

The terms of the deal, which are not material to Synopsys' financials, are not being disclosed.

Prior to the acquisition, Code Dx was a member of the Synopsys Technology Alliance Partner (TAP) program. As part of that partnership, Synopsys has worked closely with Code Dx to support their integrations within the Synopsys product portfolio. As a result, customers can use Code Dx's offering in conjunction with Synopsys products immediately.

Synopsys provides a broad portfolio of application security solutions in the industry, including static, dynamic, and interactive application security testing and software composition analysis. The recently introduced Synopsys Intelligent Orchestration solution uses innovative technology to automatically determine and initiate the most appropriate security tests using Synopsys and third-party products based on pre-defined risk policies and changes made to an application. Code Dx complements and extends these solutions by aggregating and correlating security testing results from Synopsys products, third-party products, and open-source products across the pipeline to provide consolidated risk reporting and facilitate prioritized remediation efforts.

"The complexity and speed of modern software development requires the use of multiple security testing technologies and rapid testing cycles," said Jason Schmitt, GM of the Synopsys Software Integrity Group. "While robust security testing is vital to securing modern software, it often produces large amounts of vulnerability data that is difficult to manage at speed and at scale. Code Dx enables our customers to optimize and harness the breadth of our application security portfolio, along with third-party tools, by aggregating, correlating, and prioritizing security testing results based on risk."

The addition of Code Dx makes Synopsys the first vendor to provide the full spectrum of application security tools and services, including:

- A complete suite of industry-leading security testing tools

- An intelligent orchestration engine that automatically determines and initiates the appropriate tests for each step in the DevOps workflow

- An aggregation, correlation, and prioritization solution for the vulnerabilities identified during testing

- Consolidated application security risk reporting across any commercial and open-source application security solutions

- Consulting and managed services to align people, process, and technology and address application security risks holistically

The extensibility of Synopsys Intelligent Orchestration and Code Dx enables organizations to build more efficient and effective testing programs while leveraging their current investments in application security testing tools.

Share this

Industry News

June 22, 2021

Red Hat announced new end-to-end Kubernetes-native decision management capabilities as part of the latest release of Red Hat Process Automation.

June 22, 2021

GitLab announces the next iteration of its single application with its 14 release.

June 22, 2021

Transposit introduced new platform capabilities which are developer-friendly, but built for all.

June 22, 2021

Plutora transitioned to an expanded data-centric platform, added additional metrics to monitor and manage value stream flow, and deepened its integrations with Agile planning tools.

June 22, 2021

Opsera announces its native Salesforce CI/CD release automation functionality.

June 21, 2021

Render announced the general availability of autoscaling.

June 21, 2021

Grafana Labs acquired k6, the Stockholm-based startup behind the open source load testing tool for engineering teams.

June 17, 2021

Bitrise announced the release of its new enterprise-grade Mobile DevOps platform.

June 17, 2021

Perforce Software announces a partnership with Microsoft to deliver the free Enhanced Studio Pack, providing development tools in a click-to-start model on the Azure cloud.

June 17, 2021

Tigera announced the availability of Calico Cloud in the Microsoft Azure Marketplace.

June 16, 2021

Red Hat announced the general availability of Red Hat’s migration toolkit for virtualization to help organizations accelerate open hybrid cloud strategies by making it easier to migrate existing workloads to modern infrastructure in a streamlined, wholesale manner.

June 16, 2021

BrowserStack announced it has secured $200 million in Series B funding at a $4 billion valuation.

June 16, 2021

Harness announced significant platform updates that address gaps in today's developer and DevOps market.

June 15, 2021

Broadcom announced new capabilities for Value Stream Management (VSM) in its ValueOps software portfolio, seamlessly combining the proven investment planning features of Clarity™ with the advanced Agile management capabilities of Rally® software.

June 15, 2021

Copado announced its Summer 21 Release, opening up its platform for true multi-cloud DevOps for enterprise SaaS and low-code development.