MOUNTAIN VIEW, Calif.,
May 18, 2021 /PRNewswire/
-- Synopsys, Inc. (Nasdaq: SNPS) today announced the
expansion of the Technology Alliance Partner (TAP) segment of the
Software Integrity Group's new Global Partner Program at RSA
Conference. Synopsys is showcasing integrations between the
company's Intelligent Orchestration solution and technology partner
tools, including CloudBees and GitHub Actions. With more than 40
DevOps ecosystem vendors currently engaged, the TAP program
simplifies and accelerates partner integration with Intelligent
Orchestration and other Synopsys application security
solutions.
Recognized as a leader by independent analysts Gartner and
Forrester, Synopsys provides the most comprehensive portfolio of
application security solutions in the industry. Through the TAP
program, development, DevOps, and security technology providers can
partner with Synopsys to integrate the company's application
security and risk management solutions with their products. These
integrations make it easier for organizations to build automated
application security controls into their existing DevOps
toolchains.
Synopsys recently introduced its Intelligent Orchestration
solution— a dedicated application security automation pipeline that
integrates with popular DevOps tools to make security testing
seamless and easy to manage for high-velocity development teams.
Intelligent Orchestration integrations with CloudBees and GitHub
Actions underscore the value the TAP program creates for
customers.
Intelligent Orchestration with source code management.
Popular source code management (SCM) tools, including Bitbucket,
GitLab, and GitHub, can integrate with Synopsys application
security solutions to enable developers to automatically run
security scans on their source code when changes are introduced.
For example, the Intelligent Security Scan GitHub
Action integrates with Intelligent Orchestration to simplify
and streamline security testing, triggering the most appropriate
analysis based on the significance of the code changes being
introduced. It can be configured to automatically orchestrate rapid
or incremental security scans based on pushes and pull requests.
Scan results are formatted using the Static Analysis Results
Interchange Format (SARIF) and displayed through the GitHub code
scanning user interface automatically within the developer
workflow.
"GitHub Actions helps customers automate software development
efforts from ideation to production rapidly," said Jose Palafox, business development manager for
GitHub. "Security testing is an increasingly important part of that
process, but it needs to happen seamlessly. With the Intelligent
Security Scan Action, developers can leverage the power of
Intelligent Orchestration to automatically and quickly initiate
security scans."
Intelligent Orchestration with continuous integration and
delivery. Widely used continuous integration and delivery
(CI/CD) tools like CloudBees, CircleCI, and Bamboo can also
integrate with Intelligent Orchestration. For example, Intelligent
Orchestration integrates with CloudBees to provide a dedicated
security testing pipeline that runs in parallel with build and
release pipelines, simplifying deployment while ensuring that
application security doesn't come at the cost of development
velocity. Customers can define application security policies as
code, specifying rules for security testing, response, and
notification. Using proprietary technology, Intelligent
Orchestration then uses those rules to evaluate code changes and
other CI/CD events to intelligently trigger the appropriate
security tests.
"We're seeing more and more customers look to automate
application security activities as part of their CI/CD pipelines,"
said Anders Wallgren, vice president
of strategy for CloudBees. "But with the accelerating pace of
development and proliferation of security testing technologies, it
can be difficult for them to manage the continuous stream of
vulnerabilities without slowing down the pipeline. Through our
strategic partnership with Synopsys and integration between our
respective tools, CloudBees and Intelligent Orchestration,
customers can utilize automation and risk-based intelligence to run
the right tests at the appropriate stages in the pipeline, which
can dramatically reduce unnecessary friction."
To become a Synopsys technology partner or learn more, visit the
TAP program webpage. The TAP program provides partners with
world-class developer support, product training, integration
audits, community access, and co-marketing opportunities.
Collaborate, integrate, and interoperate with Synopsys application
security solutions to transform how software is built, deployed,
and operated. Through partnerships, customers can achieve their
application security goals without impacting their development and
deployment efforts.
About the Synopsys Software Integrity Group
Synopsys Software Integrity Group helps development teams build
secure, high-quality software, minimizing risks while maximizing
speed and productivity. Synopsys, a recognized leader in
application security, provides static analysis, software
composition analysis, and dynamic analysis solutions that enable
teams to quickly find and fix vulnerabilities and defects in
proprietary code, open source components, and application behavior.
With a combination of industry-leading tools, services, and
expertise, only Synopsys helps organizations optimize security and
quality in DevSecOps and throughout the software development life
cycle. Learn more at www.synopsys.com/software.
About Synopsys
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™
partner for innovative companies developing the electronic products
and software applications we rely on every day. As an S&P 500
company, Synopsys has a long history of being a global leader in
electronic design automation (EDA) and semiconductor IP and offers
the industry's broadest portfolio of application security testing
tools and services. Whether you're a system-on-chip (SoC) designer
creating advanced semiconductors, or a software developer writing
more secure, high-quality code, Synopsys has the solutions needed
to deliver innovative products. Learn more at www.synopsys.com.
Editorial Contact:
Mark Van Elderen
Synopsys, Inc.
650-793-7450
mark.vanelderen@synopsys.com
View original
content:http://www.prnewswire.com/news-releases/synopsys-unveils-technology-alliance-partner-program-adds-integrations-for-application-security-orchestration-solution-at-rsa-conference-301293778.html
SOURCE Synopsys, Inc.