Synopsys announced it has been named by Gartner as a Leader in the “Magic Quadrant for Application Security Testing” for the sixth consecutive year. In the report, Gartner evaluated 14 application security testing vendors based on their Completeness of Vision and Ability to Execute. Synopsys placed highest in Ability to Execute and Completeness of Vision for the fourth year in a row.
As the speed and complexity of development increase and high-impact application security breaches become more frequent, security and development teams are looking to integrate and automate security testing as part of their software development activities.
According to the authors of the report, “Gartner continues to observe that the major driver in the evolution of the AST market is the need to support enterprise DevSecOps and cloud-native application initiatives. Customers require offerings that provide high-assurance, high-value findings, while not unnecessarily slowing down development efforts. Clients expect offerings to fit earlier into the development process, with testing often driven by developers, rather than security specialists. As a result, this market evaluation focuses heavily on the buyer’s needs involving support of rapid and accurate testing for various application types, capable of integration in an increasingly automated fashion throughout software delivery workflows.”
“Recent high-profile vulnerabilities and software supply chain attacks have highlighted that managing software risk is becoming increasingly complex,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group.
“Organizations need a variety of integrated and interoperable application security solutions to address risks across the SDLC and the broader software supply chain—solutions that help them prioritize their remediation efforts while maintaining the velocity of their development workflows. We have made significant investments in these areas over the past year, including the release of new Rapid Scan capabilities for Coverity SAST and Black Duck SCA, the launch of Code Sight Standard Edition, a standalone version of our IDE plugin for developer-driven testing, and the acquisition of Code Dx, an open platform that helps security and development teams correlate and prioritize security findings across their AST tool portfolio. We believe our continued recognition by Gartner as a Leader in application security testing validates our strategy and ability to address the evolving needs of the market,” Schmitt added.