Synopsys extends application security portfolio

Synopsys has acquired Code Dx, a provider of an application security risk management solution that both automates and accelerates the discovery and remediation of software vulnerabilities.

According to Synopsys, the acquisition means that it will be able to offer customers consolidated risk reporting and prioritisation across correlated software vulnerability data produced by Synopsys solutions and more than 75 third-party and open source application security and development products.

Headquartered in Northport, New York, the acquisition of Code Dx will see a team of R&D engineers experienced in vulnerability correlation and integrating security testing activity across the entire software development pipeline joining the company.

While Synopsys already provides a broad portfolio of application security solutions, the acquisition of Code Dx complements and extends these solutions by aggregating and correlating security testing results from Synopsys products, third-party products, and open-source products to provide consolidated risk reporting and facilitate prioritized remediation efforts.

“The complexity and speed of modern software development requires the use of multiple security testing technologies and rapid testing cycles,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “While robust security testing is vital to securing modern software, it often produces large amounts of vulnerability data that is difficult to manage at speed and at scale. Code Dx enables our customers to optimize and harness the breadth of our application security portfolio, along with third-party tools, by aggregating, correlating, and prioritizing security testing results based on risk.”

The terms of the deal are not being disclosed.