Synopsys_site.pptx

2. © 2021 Synopsys, Inc. 2 Over 30 Years of leadership, growth and innovation Employees: ~15.000 Engineers: ~6,000 SIG: ~1,500 Engineering culture Global reach 30+ Years of innovation Market Value ~ $45B 2020 Revenue ~ $3.7B $1.4B+ invested in SIG Constant growth 1. Microsoft 2. Oracle 3. SAP 4. Symantec 5. VMware 6. Salesforce 7. Intuit 8. CA Technologies 9. Adobe 10. Teradata 11. Amdocs 12. Cerner 13. Citrix 14. Autodesk 15. Synopsys 16. Sage Group 17. Akamai Technologies 18. Nuance 19. Open Text 20. F5 Networks Top 20 Global Software Companies 15. 0 500 1,000 1,500 2,000 2,500 3,000 3,500 4,000 4,500 $ Millions

5. © 2020 Synopsys, Inc. 2022 Synopsys is a Leader in the 2022 Gartner® Magic Quadrant for Application Security Testing (AST) for the sixth year in a row. Based on its ability to execute and our completeness of vision, Synopsys is positioned highest and farthest right for the fourth time in a row in the Leaders Quadrant among the 14 AST vendors evaluated by Gartner.

6. © 2021 Synopsys, Inc. 6 Integrated Tools Strategy & Planning Maturity Action Plan (MAP) Coverity SAST Black Duck SCA Dynamic Application Security Testing Managed Services Static Application Security Testing Mobile Application Security Testing Penetration Testing Professional Services Industry Solutions Architecture and Design Security Training/ Champion Programs DevSecOps Integration Cloud Security Building Security in Maturity Model (BSIMM) Synopsys Software Security and Quality Portfolio Code Dx & I. Orchestration WhiteHat & Seeker Dynamic Analysis

8. © 2021 Synopsys, Inc. 8 Development Reality Business Demands Development Teams + Time to Market Customer Satisfaction Innovation + Meet shorter, faster delivery schedules Avoid cost and time of re-work Maximize developer productivity Meet quality, safety, security requirements Maintain multi- variants of code

9. © 2021 Synopsys, Inc. 9 © 2022 Synopsys, Inc. 9 Synopsys Confidential Information One Organized View SAST DAST IAST SCA API Scans Addressing all of the security touchpoints • Only 25 of 122 BSIMM activities are automated • All testing must be tracked – What test type? – What was identified? – What was assigned for remediation? – Who was it assigned to? – Was it completed, and, if so, when? • Goal: eliminate Excel as the tracking tool for testing Lots of tools, lots of activities, no central truth Security Reality Risk Analysis Architecture Analysis Threat Modeling Penetration Testing Edge/Boundary Tests Manual Code Review Malicious Code Detection Automated Tests Manual Tests

10. © 2021 Synopsys, Inc. 10 Old tools and methods slow DevOps velocity Pipeline Congestion Large, monolithic AppSec testing tools can congest build, test, and release pipelines. The answer is smaller, purpose built tests run intelligently at the right time in situational context More tools + more testing = more findings that must be correlated, deduplicated and prioritized so developers aren’t overwhelmed and can focus on issues that matter most Findings Overload

11. © 2021 Synopsys, Inc. 11 Intelligent Orchestration Intelligent, policy-driven DevSecOps AppSec Program Objectives & Metrics Prioritized tickets for remediation Policies Correlates, prioritizes, tracks remediation, centralizes visibility Code Dx Executes the right tests, at the right time, at the right level Actionable insights into software risk SAST SCA IAST DAST Code Review Threat Model Pen Test Risk Analysis

Synopsys_site.pptx

Esté a ler uma amostra.

Confira estes a seguir

Synopsys_site.pptx

Mais Conteúdo rRelacionado

Semelhante a Synopsys_site.pptx (20)

Mais recentes (20)