MOUNTAIN VIEW, Calif., May 18, 2021 / PRNewswire / – Synopsys, Inc. (Nasdaq: SNPS) today announced the expansion of the Technology Alliance Partner (TAP) segment of Software Integrity Group’s new global partner program at the RSA conference. Synopsys showcases integrations between the company’s Intelligent Orchestration solution and tools from technology partners, including CloudBees and GitHub Actions. With more than 40 vendors in the DevOps ecosystem currently engaged, the TAP program simplifies and accelerates partner integration with Intelligent Orchestration and other Synopsys application security solutions.
Recognized as a leader by independent analysts Gartner and Forrester, Synopsys offers the industry’s most comprehensive portfolio of application security solutions. Through the TAP program, development, DevOps and security technology vendors can partner with Synopsys to integrate application security and enterprise risk management solutions into their products. These integrations make it easier for organizations to create automated application security controls within their existing DevOps toolchains.
Synopsys recently launched its Intelligent Orchestration solution – a dedicated application security automation pipeline that integrates with popular DevOps tools to make security testing transparent and manageable for development teams at high speed. Intelligent Orchestration integrations with CloudBees and GitHub Actions underscore the value that the TAP program creates for customers.
Intelligent orchestration with source code management. Popular source code management (SCM) tools, including Bitbucket, GitLab, and GitHub, can integrate with Synopsys application security solutions to allow developers to automatically run security scans on their source code when changes are made. made. For example, the Intelligent Security Scan GitHub action integrates with Intelligent Orchestration to simplify and streamline security testing, triggering the most appropriate scan based on the significance of the code changes introduced. It can be configured to automatically orchestrate rapid or incremental security scans based on push and pull requests. Analysis results are formatted using the Static Analysis Results Interchange Format (SARIF) and automatically displayed through the GitHub code analysis user interface in the developer’s workflow.
“GitHub Actions helps customers quickly automate software development efforts from ideation to production,” said Jose palafox, Business Development Manager for GitHub. “Security testing is an increasingly important part of this process, but it needs to happen transparently. With the Intelligent Security Scan action, developers can leverage the power of Intelligent Orchestration to automatically launch and quickly security scans. “
Intelligent orchestration with continuous integration and delivery. Widely used integration and continuous delivery (CI / CD) tools such as CloudBees, CircleCI, and Bamboo can also integrate with Intelligent Orchestration. For example, Intelligent Orchestration integrates with CloudBees to provide a dedicated security test pipeline that runs in parallel with the build and publish pipelines, simplifying deployment while ensuring that application security does not occur over time. detriment of the speed of development. Customers can define application security policies in code form, specifying rules for security tests, responses, and notifications. Using proprietary technology, Intelligent Orchestration then uses these rules to evaluate code changes and other CI / CD events to intelligently trigger the appropriate security tests.
“We are seeing more and more customers looking to automate application security activities as part of their CI / CD pipelines,” said Anders Wallgren, VP of Strategy for CloudBees. “But with the accelerated pace of development and proliferation of security testing technologies, it can be difficult for them to manage the continuous flow of vulnerabilities without slowing the pipeline. Through our strategic partnership with Synopsys and the integration between our respective tools, CloudBees and Intelligent Orchestration, customers can use automation and risk-based intelligence to run the right tests at the right stages of the pipeline, which can greatly reduce unnecessary friction. “
To become a Synopsys Technology Partner or to learn more, visit the TAP program webpage. The TAP program provides partners with world-class developer support, product training, integration audits, community access, and co-marketing opportunities. Collaborate, integrate and interoperate with Synopsys application security solutions to transform the way software is created, deployed and operated. Through partnerships, customers can achieve their application security goals without affecting their development and deployment efforts.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group helps development teams create secure, high-quality software, minimizing risk while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components and application behavior. With a combination of cutting-edge tools, services and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development lifecycle. Learn more at www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software ™ partner for innovative companies developing the electronics and software applications we rely on every day. As a company of the S&P 500, Synopsys has long been a global leader in electronic design automation (EDA) and semiconductor intellectual property and offers the broadest portfolio of testing tools and services. application security. Whether you are a system-on-a-chip (SoC) designer creating advanced semiconductors or a software developer writing more secure, high-quality code, Synopsys has the solutions to deliver innovative products. Learn more at www.synopsys.com.
Mark Van Elderen
SOURCE Synopsys, Inc.