May 16th, 2022 – Valencia, Spain at KubeCon + CloudNativeCon Europe 2022 – Deepfactor™, a leading developer security platform, today announced it is integrating with the Synopsys Black Duck® software composition analysis tool to help developers prioritize and remediate application vulnerabilities and license risks in Kubernetes and cloud native applications early in development and testing.
According to the Gartner® report, How to Manage Open-Source Software Risks Using Software Composition Analysis, “Application leaders are mired in escalations due to open-source software security vulnerabilities and licensing risks. They should mandate the use of software composition analysis tools to detect and remediate risks early and continuously throughout the software development life cycle.”
With engineering teams embracing cloud native development and rapidly adopting open-source software, releases are increasing in both frequency and complexity. Deepfactor Developer Security integrates with the Synopsys Black Duck tool to reduce SCA alert volume and provide developers with contextual security insights to prioritize and remediate application vulnerabilities and license risks discovered during development and testing.
“We at Synopsys look forward to collaborating with Deepfactor to further support our mission to improve the security mechanisms within the software supply chain for cloud native and Kubernetes workloads,” says Vatsal Sonecha, Synopsys VP of Business Development for the Software Integrity Group. “The Deepfactor solution provides engineering teams using Black Duck with valuable context, priority, and remediation information that can accelerate the reduction of applications risks.”
Deepfactor is now a member of the Synopsys Technology Alliance program, which helps partners collaborate, integrate, and interoperate with Synopsys application security solutions to transform how software is built, deployed, and operated.
“We are honored to partner with Synopsys and integrate Deepfactor Developer Security with Black Duck to help developers of cloud native applications deliver secure and compliant code faster,” said Kiran Kamity, CEO and Founder, Deepfactor. “The integration provides engineering teams with unique security insights that will make it faster and easier to resolve critical security risks.”
The Deepfactor integration with Synopsys Black Duck is available immediately.
Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the US and internationally and is used herein with permission. All rights reserved.
Deepfactor is a developer security platform that enables engineering teams to quickly discover and resolve security vulnerabilities, supply chain risks, and compliance violations early in development and testing. For more information, visit www.Deepfactor.io and follow us on LinkedIn and Twitter.