As an organization dedicated to protecting and securing our customers’ applications, Synopsys Software Integrity Group (SIG) is equally committed to our customers’ data security and privacy. This statement is meant to provide SIG customers and prospects with the latest information about our systems, compliance certifications, processes, and other security-related activities.
Synopsys regularly performs a variety of security assessments on both the application level as well as the environments that host our applications. These include:
Our SaaS offerings utilizes industry leading cloud services providers including Amazon Web Services (AWS) and Google Cloud Platform (GCP), which are known for their security and protections.
In addition to the security provided by our cloud service providers (CSP), SIG uses real-time monitoring tools for cloud configuration and container integrity, a web application firewall, and other security controls.
All customer data is encrypted in transit and at rest. Beyond mass storage encryption sensitive data is also secured using application layer encryption.
All persistent data is encrypted at rest in the CSPs using AES 256-bit encryption or better.
Compliance with specific information security and risk management requirements
Covering security, availability, and confidentiality