- Silicon Design & Verification
- Products
- Solutions
- Resources
- Services
- Community
- Training
- Silicon IP
- Products
- Markets
- Newsletter
- Customer Success
- News
- Resources
- Company
- About Us
- Investor Relations
- Community
- Newsroom
- Resources
- Careers
Cybersecurity Research Center
Cybersecurity Research Center (CyRC)
The Synopsys Cybersecurity Research Center works to accelerate access to information around the identification, severity, exploitation, mitigation, and defense against software vulnerabilities. Operating within the greater Synopsys mission of making the software that powers our lives safer and of the highest quality, CyRC helps increase awareness of issues by publishing research supporting strong cybersecurity practices.
CyRC leverages core expertise present within the global software security teams within Synopsys. Our expertise spans static code analysis, fuzzing, penetration testing, open source development, and production deployment. With software at the heart of modern life—from wearable devices, home automation, blockchain, mobile applications, and automotive technologies—access to actionable security information must flow at the pace of innovation.
Review of Apache Struts vulnerabilities yields 24 updated advisories
CyRC research labs
Boston
Our Boston open source research team maintains the Black Duck KnowledgeBase, analyzing and refining data for over 2 million open source projects from over 14,000 resources worldwide.
Belfast
Our Belfast team is chartered to identify the true impact of open source vulnerabilities and their exploitability.
Calgary
Our Calgary team works to identify coding patterns contributing to software vulnerabilities.
Oulu
Our Oulu team researchers discovered the Heartbleed vulnerability and continue to perform protocol-based research.
Latest vulnerability findings: CVE-2018-18907 authentication bypass vulnerability in D-Link DIR-850L wireless router
CVE-2018-18907 refers to an authentication vulnerability with D-Link DIR-850L routers that allows clients to communicate with the router without completing the full WPA handshake. Successful exploitation of this vulnerability allows an attacker to join the router’s network without the required credentials and mount further attacks against users of the network. D-Link DIR-850L routers with hardware revision A and firmware version 1.21B06 Beta and older are vulnerable.
Download the latest CyRC research
Tools for the open source community
Open Hub
Open Hub is an online community and public directory of free and open source software (FOSS) offering analytics and search services for discovery, evaluation, and comparison of open source code and projects.
Coverity Scan
Coverity Scan helps you find and fix defects in your Java, C/C++, C#, JavaScript, Ruby, or Python open source project for free. Coverity Scan tests every line of code and potential execution path and clearly explains the root cause of each defect, making it easy to fix bugs.
CoPilot
Designed with open source developers in mind, Black Duck CoPilot integrates with your GitHub repository and CI platform to give you a clear understanding of any unpatched open source vulnerabilities. A CoPilot GitHub badge provides assurances to your users of any open source vulnerabilities in the codebase.