Synopsys has announced it has been recognised as a leader in The Forrester Wave™: Static Application Security Testing, Q3 2023. The report identifies the 11 most significant vendors in the static application security testing (SAST) market and evaluates them against 26 criteria grouped into three high-level categories: Current offering, Strategy, and Market presence. Synopsys’ Coverity® SAST solution received the second-highest score in the Current offering category and tied for the second-highest scores in the Strategy and Market presence categories.
The report states: “Security and development leaders look to static application security testing solutions to find, prioritise, and help fix security weaknesses quickly in proprietary code by seamlessly integrating into developer workflows.”
Within the Current offering category, Synopsys received the highest score in the Detection criterion and one of the highest scores given in the Product security criterion, and tied for the second-highest score in the DevSecOps workflows criterion. Within the Strategy category, Synopsys received the highest possible scores in the Roadmap, Partner ecosystem, and Supporting services and offerings criteria.
According to the report, “Coverity offers native, high-confidence, high-impact scan analysis to deliver only the most actionable results to developers. Security pros who want complete coverage and have a higher tolerance for false positives can dial up analysis through a scan configuration setting. Software Risk Manager centralises results for all scan types and results from other vendors. Security pros use the tool to determine the highest-priority issues across their portfolios and weed out possible false positives by applying filter options such as policy, age, predicated status, and an ML confidence rating based on triage history. Custom checkers also help Coverity maintain its ‘very low false-alarm rate,’ as one customer reference put it.”
“We’re honored to be recognised by Forrester as a leader in this evaluation,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “With the emergence of DevOps and AI-assisted coding solutions, it is critical that organisations can find and fix vulnerabilities in their proprietary code quickly and at scale, without introducing unnecessary friction into the software delivery cycle. We believe the results of this evaluation reflect our commitment to helping customers build trust in their software—with confidence and at the speed their businesses demand.”