© 2021 Synopsys, Inc.
Synopsys
Leader in Application Security and Quality
Over 30 Years of leadership, growth and innovation
Employees: ~15.000
Engineers: ~6,000
SIG: ~1,500
Engineering culture
Global reach
30+ Years of innovation
Market Value ~ $45B
2020 Revenue ~ $3.7B
$1.4B+ invested in SIG
Constant growth
1. Microsoft
2. Oracle
3. SAP
4. Symantec
5. VMware
6. Salesforce
7. Intuit
8. CA Technologies
9. Adobe
10. Teradata
11. Amdocs
12. Cerner
13. Citrix
14. Autodesk
15. Synopsys
16. Sage Group
17. Akamai Technologies
18. Nuance
19. Open Text
20. F5 Networks
Top 20 Global Software Companies (bar chart, axis in $ millions)
Synopsys SIG – Software Integrity Group
Synopsys is a Leader in the 2022 Gartner® Magic Quadrant for Application Security Testing (AST) for the sixth year in a row.
Based on its ability to execute and its completeness of vision, Synopsys is positioned highest and farthest right for the fourth time in a row in the Leaders Quadrant among the 14 AST vendors evaluated by Gartner.
Synopsys Software Security and Quality Portfolio
• Strategy & Planning
– Maturity Action Plan (MAP)
– Building Security in Maturity Model (BSIMM)
• Integrated Tools
– Coverity SAST
– Black Duck SCA
– WhiteHat & Seeker Dynamic Analysis
– Code Dx & I. Orchestration
• Managed Services
– Dynamic Application Security Testing
– Static Application Security Testing
– Mobile Application Security Testing
– Penetration Testing
• Professional Services
– Industry Solutions
– Architecture and Design
– Security Training/Champion Programs
– DevSecOps Integration
– Cloud Security
The Problem
Development and Security Teams are
in a hurry to deliver secure software, faster
Development Reality
• Business Demands
– Time to Market
– Customer Satisfaction
– Innovation
• Development Teams
– Meet shorter, faster delivery schedules
– Avoid cost and time of re-work
– Maximize developer productivity
– Meet quality, safety, security requirements
– Maintain multi-variants of code
Security Reality
Lots of tools, lots of activities, no central truth
One Organized View
• Automated Tests: SAST, DAST, IAST, SCA, API Scans
• Manual Tests: Risk Analysis, Architecture Analysis, Threat Modeling, Penetration Testing, Edge/Boundary Tests, Manual Code Review, Malicious Code Detection
Addressing all of the security touchpoints
• Only 25 of 122 BSIMM activities are automated
• All testing must be tracked
– What test type?
– What was identified?
– What was assigned for remediation?
– Who was it assigned to?
– Was it completed, and, if so, when?
• Goal: eliminate Excel as the tracking tool for testing
Old tools and methods slow DevOps velocity
Pipeline Congestion
Large, monolithic AppSec testing tools can congest build, test, and release pipelines. The answer is smaller, purpose-built tests run intelligently at the right time in situational context.
Findings Overload
More tools + more testing = more findings that must be correlated, deduplicated and prioritized so developers aren’t overwhelmed and can focus on issues that matter most.
Intelligent, policy-driven DevSecOps
• Intelligent Orchestration: executes the right tests, at the right time, at the right level
• Code Dx: correlates, prioritizes, tracks remediation, centralizes visibility
• Policies
• AppSec Program Objectives & Metrics
• Prioritized tickets for remediation
• Actionable insights into software risk
• SAST, SCA, IAST, DAST, Code Review, Threat Model, Pen Test, Risk Analysis
Build Secure, High-Quality Software Faster