www.design-reuse-embedded.com

Synopsys Launches New Offering for Comprehensive Software Supply Chain Security

Black Duck Supply Chain Edition addresses vulnerabilities, license conflicts, and malicious code across open source and commercial dependencies as well as AI-generated code.

www.synopsys.com/, Apr. 09, 2024

SUNNYVALE, Calif., April 9, 2024 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today announced the availability of Black Duck® Supply Chain Edition, a new software composition analysis (SCA) offering that enables organizations to mitigate upstream risk in their software supply chains. Black Duck Supply Chain Edition combines multiple open source detection technologies, automated third-party software bill of materials (SBOM) analysis, and malware detection to provide a comprehensive view of software risks inherited from open source, third-party, and AI-generated code. Development and security teams can track their dependencies across the entire application lifecycle to identify and resolve security vulnerabilities, malicious packages, and license violations and conflicts.

Supply Chain Edition builds on the market-leading capabilities of Black Duck and delivers a full range of supply chain security capabilities to teams responsible for building secure, compliant applications.

"With the rise in software supply chain attacks targeting vulnerable or maliciously altered open source and third-party components, it's critical for organizations to understand and thoroughly scrutinize the composition of their software portfolios," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "This requires constant vigilance over the patchwork of software dependencies that get pulled in from a variety of sources, including open source components downloaded from public repositories, commercial software packages purchased from vendors, code generated from AI coding assistants, and the containers and IT infrastructure used to deploy applications. It also requires the ability to detect and generate actionable insights for a wide range of risk factors such as known vulnerabilities, exposed secrets, and malicious code. Black Duck Supply Chain Edition combines a suite of best-in-class capabilities to streamline these requirements and attest to the results in standardized or customized SBOM formats."
