Cybersecurity Research Center

Cybersecurity Research Center (CyRC)

The Synopsys Cybersecurity Research Center works to accelerate access to information around the identification, severity, exploitation, mitigation, and defense against software vulnerabilities. Operating within the greater Synopsys mission of making the software that powers our lives safer and of the highest quality, CyRC helps increase awareness of issues by publishing research supporting strong cybersecurity practices.

CyRC leverages core expertise present within the global software security teams within Synopsys. Our expertise spans static code analysis, fuzzing, penetration testing, open source development, and production deployment. With software at the heart of modern life—from wearable devices, home automation, blockchain, mobile applications, and automotive technologies—access to actionable security information must flow at the pace of innovation.

Latest vulnerability findings: CVE-2018-18907 authentication bypass vulnerability in D-Link DIR-850L wireless router

CVE-2018-18907 refers to an authentication vulnerability with D-Link DIR-850L routers that allows clients to communicate with the router without completing the full WPA handshake. Successful exploitation of this vulnerability allows an attacker to join the router’s network without the required credentials and mount further attacks against users of the network. D-Link DIR-850L routers with hardware revision A and firmware version 1.21B06 Beta and older are vulnerable.

Learn more

CyRC research labs

 

Boston

Our Boston open source research team maintains the Black Duck KnowledgeBase, analyzing and refining data for over 2 million open source projects from over 14,000 resources worldwide.

Belfast

Our Belfast team is chartered to identify the true impact of open source vulnerabilities and their exploitability.

Calgary

Our Calgary team works to identify coding patterns contributing to software vulnerabilities.

Oulu

Our Oulu team researchers discovered the Heartbleed vulnerability and continue to perform protocol-based research.

Download the latest CyRC research

Open source tools

Open Hub + -

Open Hub

Open Hub is an online community and public directory of free and open source software (FOSS) offering analytics and search services for discovery, evaluation, and comparison of open source code and projects. 

 

Learn more

Coverity Scan

Coverity Scan helps you find and fix defects in your Java, C/C++, C#, JavaScript, Ruby, or Python open source project for free. Coverity Scan tests every line of code and potential execution path and clearly explains the root cause of each defect, making it easy to fix bugs.

 

Learn more

CoPilot + -

CoPilot

Designed with open source developers in mind, Black Duck CoPilot integrates with your GitHub repository and CI platform to give you a clear understanding of any unpatched open source vulnerabilities. A CoPilot GitHub badge provides assurances to your users of any open source vulnerabilities in the codebase.

 

Learn more