Synopsys has announced the double acquisition of Cigital and Codiscope.
The addition of software security services provider Cigital and the provider of complimentary security tools Codiscope will boost its software security offering so that security can be built into every software segment. Terms of the deal are not being disclosed.
The acquisition will add complimentary products, services and a highly skilled workforce to Synopsys’ Software Signoff Platform, enabling it to offer a wide range of products and services, from security training and testing services to automated tools that can be integrated into the software development lifecycle.
Cigital is an application security firm specializing in professional and managed services for identifying, remediating and preventing vulnerabilities in software applications, which spun-off Codiscope in 2015 which turned the Cigital tools and intellectual property into a suite of accessible and streamlined tools for a broad population of developers.
"Synopsys, Cigital and Codiscope have a shared vision of building security into the software development lifecycle and across the cyber supply chain," said Andreas Kuehlmann, senior vice-president and general manager of the Synopsys Software Integrity Group. "Cigital's consultants are instrumental in guiding organizations from the earliest stages of security readiness and system maturity, which will provide an impactful addition to Synopsys' current product-based offering. Codiscope's developer-focused tools and training modules are important in empowering developers to prioritize security.”
John Wyatt, Cigital CEO, added: “We are excited about joining an organization that shares Cigital's vision of securing the software that is at the heart of every organization by building security in. The shared vision of the two companies will provide Cigital the opportunity to accelerate our growth while continuing to deliver consistent, quality services to our clients."
"Codiscope's mission of improving the quality of software by creating tools that help developers build and deploy secure code faster is a natural fit in the Synopsys vision of Software Integrity," said Gary Jackson, CEO of Codiscope. “As the velocity of development increases, security belongs in development, and Codiscope will provide Synopsys critical tools to lead the industry."
In an email to Infosecurity, Quocirca analyst and director Bob Tarzey said that unlike the acquisition of McAfee by Intel which created the DeepSAFE technology, Cigital/Codiscope is about software security scanning and quality.
“This is a big issue with IoT and the other stuff Synopsys develops and sells, so it would seem it sees a benefit in having the capability to test its software in-house,” he said. “Cigital has a service focus based on software security pen-testing and has hundreds of staff, these will be an asset for Synopsys as much as the technology it is acquiring.”