Synopsys Launches Software Risk Manager to Simplify Enterprise-Scale Application Security Testing

In today’s ever-changing business landscape, organisations are increasingly recognising the crucial impact of software risk on their operations. To address this challenge effectively, they are focusing on developing scalable and efficient application security programmes. As the threat landscape continues to evolve, the demand for streamlined testing, triage, and risk management is rising to keep pace with the rapid expansion of software.

To meet these demands, Synopsys introduces Software Risk Manager—a powerful on-premises application security posture management (ASPM) solution. This tool empowers security and development teams to prioritise risks effectively and concentrate on critical areas. The platform combines policy, orchestration, correlation, integrated static application security testing (SAST), and software composition analysis (SCA) engines, seamlessly integrating security activities throughout the software development life cycle. By utilising Software Risk Manager, teams gain access to a centralised source of truth, enabling informed decisions and the delivery of robust and resilient applications.

Software Risk Manager merges intelligent policy-driven orchestration and vulnerability management capabilities with Synopsys Software Integrity Group’s market-leading SAST and SCA engines, offering broad support for other open-source and commercial AST tools. This comprehensive ASPM solution enhances the ability to implement application security consistently across any organisation.

“Application security programmes need to be effective and efficient at reducing software risk in order to deliver value,” said Jason Schmitt, general manager of Synopsys’ Software Integrity Group. “Many organisations embracing digital transformation are struggling with the complexity and operational costs of managing their software risk at scale. Synopsys Software Risk Manager provides teams with a holistic view of their application security posture while accelerating time to value and reducing the overall cost of their AppSec programs.”

Gartner, the renowned research and advisory company, recognises the importance of Application Security Posture Management (ASPM) in improving security efficacy and risk management across software development, deployment, and operations. They predict that by 2026, over 40% of organisations developing proprietary applications will adopt ASPM to swiftly identify and resolve application security issues.

Software Risk Manager is built on Synopsys’ Code Dx and Intelligent Orchestration products, enhanced to deliver a comprehensive ASPM solution. This empowers teams to:

1. Implement policy-driven AppSec at scale by centrally defining and enforcing universal security policies for test execution and vulnerability management.
2. Unify user experiences across different application security testing tools, maximising existing security investments, simplifying resourcing and operations, and facilitating transitions and tool consolidation across teams.
3. Consolidate vulnerability reporting and management across projects, teams, and tools, providing a complete, normalised, deduplicated, and prioritised picture of security risks.
4. Simplify AppSec integration and orchestration in development workflows by integrating security workflows within existing developer toolchains and systems, enabling quick onboarding for existing projects and builds.
5. Optimise core application security testing with a single, unified solution, efficiently deploying, managing, and reporting on core application security testing functions using Synopsys’ market-leading SAST and SCA engines.

Overall, Software Risk Manager offers a comprehensive approach to application security management, ensuring organisations can effectively mitigate software risks while delivering valuable, secure, and reliable applications.