Synopsys acquires Code Dx

The acquisition is intended to expand Synopsys' application security portfolio and add software vulnerability correlation, prioritization, and consolidated risk reporting

Synopsys acquires Code Dx

Moshe Marziano, regional sales manager for Synopsys Israel. Photo courtesy of the company

Synopsys, Inc. announced Tuesday that it has acquired Code Dx, a provider of an application security risk management solution. The addition of Code Dx enables Synopsys to offer customers consolidated risk reporting and prioritization across correlated software vulnerability data produced by Synopsys solutions and more than 75 third-party and open source application security and development products. The terms of the deal are not being disclosed.  

According to Synopsys, the addition of Code Dx makes Synopsys the first vendor to provide the full spectrum of application security tools and services, including:

-  A complete suite of industry-leading security testing tools

- An intelligent orchestration engine that automatically determines and initiates the appropriate tests for each step in the DevOps workflow

- An aggregation, correlation, and prioritization solution for the vulnerabilities identified during testing

- Consolidated application security risk reporting across any commercial and open-source application security solutions

- Consulting and managed services to align people, process, and technology and address application security risks holistically

Moshe Marziano, Regional Sales Manager for Synopsys Israel, said "Code Dx's unique solution expands Synopsis's product portfolio to its customers in the Israeli market and around the world. The solution enables efficient and unified management of security vulnerabilities in the development processes from an organizational perspective." 

"Synopsis is a global company that leads the Israeli market in the field of application security. The company's solutions are focused on the developers and security people in the organization, in order to streamline the development processes and solve problems earlier in the process."

Prior to the acquisition, Code Dx was a valued member of the Synopsys Technology Alliance Partner (TAP) program. As part of that partnership, Synopsys has worked closely with Code Dx to support their integrations within the Synopsys product portfolio. As a result, customers can use Code Dx's offering in conjunction with Synopsys products immediately.

Synopsys provides the broadest portfolio of application security solutions in the industry, including static, dynamic, and interactive application security testing and software composition analysis. The recently introduced Synopsys Intelligent Orchestration solution uses innovative technology to automatically determine and initiate the most appropriate security tests using Synopsys and third-party products based on pre-defined risk policies and changes made to an application. Code Dx complements and extends these solutions by aggregating and correlating security testing results from Synopsys products, third-party products, and open-source products across the pipeline to provide consolidated risk reporting and facilitate prioritized remediation efforts.

The company claims that the extensibility of Synopsys Intelligent Orchestration and Code Dx enables organizations to build more efficient and effective testing programs while leveraging their current investments in application security testing tools.

Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle.

You might be interested also