Synopsys Launches Software Risk Manager
August 01, 2023

Synopsys announced the launch of Synopsys Software Risk Manager, a new application security posture management (ASPM) solution.

Software Risk Manager enables security and development teams to simplify, align and streamline their application security testing across projects, teams and application security testing (AST) tools. It aligns intelligent policy-driven orchestration and vulnerability management capabilities with the Synopsys Software Integrity Group's market-leading SAST and SCA engines, with broad support for other open-source and commercial AST tools. In combination, Synopsys' ASPM solution delivers an enhanced ability to implement application security consistently across any organization.

"Application security programs need to be effective and efficient at reducing software risk in order to deliver value," said Jason Schmitt, general manager of Synopsys' Software Integrity Group. "Many organizations embracing digital transformation are struggling with the complexity and operational costs of managing their software risk at scale. Synopsys Software Risk Manager provides teams with a holistic view of their application security posture while accelerating time to value and reducing the overall cost of their AppSec programs."

Software Risk Manager is built on the core technologies of Synopsys' Code Dx and Intelligent Orchestration products, redesigned and enhanced to deliver a comprehensive ASPM solution that enables teams to:

- Implement policy driven AppSec at scale. Centrally define and enforce universal security policies which specify parameters for test execution and vulnerability management.

- Unify user experience across disparate application security testing tools. Maximize the value of existing security investments while simplifying resourcing and operations. Improve ability to transition and consolidate tooling across teams.

- Consolidate vulnerability reporting and management across projects, teams and tools. Obtain a complete picture of security risks that is normalized, deduplicated and prioritized across tools.

- Simplify AppSec integration and orchestration in development workflows. Integrate security workflows within existing developer toolchains and systems and enable quick onboarding for existing projects and builds.

- Optimize core application security testing with a single, unified solution. Efficiently deploy, manage and report on core application security testing functions leveraging the same market-leading SAST and SCA engines that power Synopsys offerings.

Share this

Industry News

February 13, 2025

LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.

February 13, 2025

SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).

February 13, 2025

ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.

February 12, 2025

Genkit for Node.js is now at version 1.0 and ready for production use.

February 12, 2025

JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).

February 12, 2025

mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.

February 11, 2025

Check Point® Software Technologies Ltd.(link is external) announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.

February 11, 2025

Jitterbit announced its latest AI-infused capabilities within the Harmony platform, advancing AI from low-code development to natural language processing (NLP).

February 11, 2025

Rancher Government Solutions (RGS) and Sequoia Holdings announced a strategic partnership to enhance software supply chain security, classified workload deployments, and Kubernetes management for the Department of Defense (DOD), Intelligence Community (IC), and federal civilian agencies.

February 10, 2025

Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.

February 10, 2025

Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.

February 07, 2025

Are you using OpenTelemetry? Are you planning to use it? Click here to take the OpenTelemetry survey(link is external).

February 06, 2025

GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.

February 06, 2025

Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.

February 06, 2025

Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.