Today Synopsys announced that it has signed a definitive agreement to acquire WhiteHat Security, an application security pioneer and market-segment leading provider of dynamic application security testing (DAST) solutions. The two companies are strategically aligned, with a shared vision for delivering SaaS-based security testing services and building security into the software development life cycle. WhiteHat Security will enhance our efforts in the software security market by broadening our product offering and accelerating the expansion of our Polaris application security platform.
As software development strives to keep pace in today’s rapidly evolving markets, dynamic analysis remains a critical component to any application security testing program. The WhiteHat Security DAST solution is a time-proven, SaaS solution that can safely and efficiently run continuous testing against production applications. This gives organizations the flexibility to apply dynamic analysis quickly and easily at any stage of the development process.
Since the creation of the Synopsys Software Integrity Group (SIG), we have been striving to build trust in software through a comprehensive, end-to-end portfolio for software security and quality. The acquisition of WhiteHat Security is another step forward in this process, expanding the ability of Synopsys to provide companies a scalable approach for minimizing software-related business risk, ensuring timely product releases at predictably lower cost, and ensuring internal and external standards compliance.
With the acquisition of WhiteHat Security, the SIG portfolio will contain:
- Static code analysis (SAST) solutions that address quality and security defects with one, proven tool
- Dynamic analysis (DAST) solutions that identify security vulnerabilities in running applications
- Software composition analysis (SCA) solutions that can analyze software for open source vulnerabilities and license and compliance issues, supporting dozens of languages and binary formats
- A category-defining interactive application security testing (IAST) solution that enables organizations to automate web security testing within DevOps pipelines.
- A compelling application security orchestration and correlation (ASOC) solution that aggregates, correlates, and prioritizes findings from Synopsys solutions, third party solutions, open-source solutions, and manual testing.
- A solution that intelligently integrates application security testing into DevOps pipelines as policy as code: optimizing test execution based on policy, risk, code changes, and defect tracking data
- Fuzz testing tools that work out of the box with more than 250 network protocols and file formats supported
- Security Testing Services that deliver subscription-based testing for static analysis, dynamic analysis, and mobile testing services.
- Professional services that help organizations implement a software security practice no matter the development strategy maturity level
- Training and e-learning programs that are some of the fastest and most comprehensive ways for your developers to improve their software security skills
The acquisition is expected to close in Synopsys’ third fiscal quarter, subject to regulatory review and customary closing conditions. We are looking forward to welcoming the employees of WhiteHat Security and working together to add even more value to our customers.