Virtualization Technology News and Information
Deepfactor Partners with Synopsys to Help Developers Resolve Cloud Native Supply Chain Security Risks
Deepfactor announced it is integrating with the Synopsys Black Duck software composition analysis tool to help developers prioritize and remediate application vulnerabilities and license risks in Kubernetes and cloud native applications early in development and testing.

According to the Gartner report, How to Manage Open-Source Software Risks Using Software Composition Analysis, "Application leaders are mired in escalations due to open-source software security vulnerabilities and licensing risks. They should mandate the use of software composition analysis tools to detect and remediate risks early and continuously throughout the software development life cycle."

With engineering teams embracing cloud native development and rapidly adopting open-source software, releases are increasing in both frequency and complexity. Deepfactor Developer Security integrates with the Synopsys Black Duck tool to reduce SCA alert volume and provide developers with contextual security insights to prioritize and remediate application vulnerabilities and license risks discovered during development and testing.

"We at Synopsys look forward to collaborating with Deepfactor to further support our mission to improve the security mechanisms within the software supply chain for cloud native and Kubernetes workloads," says Vatsal Sonecha, Synopsys VP of Business Development for the Software Integrity Group. "The Deepfactor solution provides engineering teams using Black Duck with valuable context, priority, and remediation information that can accelerate the reduction of applications risks."

Deepfactor is now a member of the Synopsys Technology Alliance program, which helps partners collaborate, integrate, and interoperate with Synopsys application security solutions to transform how software is built, deployed, and operated.

"We are honored to partner with Synopsys and integrate Deepfactor Developer Security with Black Duck to help developers of cloud native applications deliver secure and compliant code faster," said Kiran Kamity, CEO and Founder, Deepfactor. "The integration provides engineering teams with unique security insights that will make it faster and easier to resolve critical security risks."


The Deepfactor integration with Synopsys Black Duck is available immediately.

Published Friday, May 20, 2022 3:51 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2022>