Synopsys (SNPS) Unveils Black Duck Supply Chain Solution
Synopsys (SNPS - Free Report) has announced that its Black Duck Supply Chain Edition will be available to the public from Apr 25, 2024. This is the latest software composition analysis solution from Synopsys that enables organizations to address risks upstream in their software supply chains.
The solution helps development and security teams track dependencies throughout the application lifecycle, spotting and fixing security issues, malicious packages and license conflicts. Additionally, the solution identifies malware through post-build analyses. It continually monitors for open source vulnerabilities, and oversees IP risk and license compliance.
Black Duck Supply Chain features technology to find open source components in code, import software bill of materials (SBOM) from other software suppliers, and organize open source, commercial and custom components. It can also export SBOMs in SPDX or CycloneDX formats to meet customer, industry or regulatory needs.
To achieve supply-chain security capabilities, Black Duck Supply Chain utilizes detection technologies, automated third-party SBOM analysis and threat detection to mitigate software risks posed by codes based on open source, third-party and AI.
Synopsys is gaining from robust design wins due to a solid product portfolio. Rising demand for IP, security solutions and advanced technology design is also creating promising prospects.
Currently, the company flaunts a Zacks Rank #1 (Strong Buy). Shares of SNPS have returned 39.6% in the past year.
