Open Menu
Synopsys Authorized as a CVE Numbering Authority (CNA)
| | More EDA News

CNA designation issued by the CVE Program streamlines Synopsys' ability to publish open source software vulnerabilities, underscoring its commitment to bolstering the security of the software ecosystem.

MOUNTAIN VIEW, Calif., March 30, 2021 — (PRNewswire) —   Synopsys, Inc. (Nasdaq: SNPS) today announced the company's designation as a CVE Numbering Authority (CNA) by the CVE Program. As a CNA, the Synopsys Software Integrity Group is now authorized to assign CVE identification numbers to newly discovered vulnerabilities and publish information about the vulnerabilities in the associated CVE records.

Since the inception of its Cybersecurity Research Center (CyRC), Synopsys has strived to improve the security posture of the open source community through testing tools like Coverity Scan, by providing enriched CVE data to customers through Black Duck Security Advisories, and by responsibly disclosing vulnerabilities it discovers through the CVE Program and other CNAs. As a newly designated CNA, Synopsys can streamline the process of publishing accurate and timely vulnerability information it uncovers to the public.

"We're excited to take this next step in our progression as a good steward of the broader software ecosystem," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "As a leader in application security, vulnerability research is part of our DNA. As a CNA, we can more effectively and efficiently disseminate the results of our research to our customers and the software community in general—for both newly discovered vulnerabilities and existing CVE records that may be inaccurate or incomplete."

The CVE® Program is an international, community-based program whose mission is to identify, define, and catalogue publicly disclosed cybersecurity vulnerabilities. CVE IDs are assigned by CNAs, which are operated on a voluntary basis by participating organizations. Synopsys joins authorized commercial entities such as Linux, Red Hat, Google, and Microsoft as a CNA. 

"The identification and availability of accurate and timely vulnerability information is essential when protecting the software supply chain," said Christopher Fearon, Director of Research Engineering for the Synopsys Software Integrity Group. "As we expand our vulnerability research and development efforts within Synopsys CyRC, the direct nature of disclosing vulnerabilities as a CNA adds an increased level of transparency and speed to our research capabilities."

To disclose a vulnerability through Synopsys or to learn about our responsible disclosure process, visit our Responsible Disclosure Policy.

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations optimize security and quality in DevSecOps and throughout the software development life cycle. Learn more at www.synopsys.com/software.

About Synopsys 

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at www.synopsys.com.

Editorial Contact:

Liz Samet
Synopsys, Inc.
703-657-4218
esamet@synopsys.com 

Cision View original content: http://www.prnewswire.com/news-releases/synopsys-authorized-as-a-cve-numbering-authority-cna-301258432.html

SOURCE Synopsys, Inc.

Contact:
Company Name: Synopsys, Inc.
Web: http://www.synopsys.com
Financial data for Synopsys, Inc.

Related News
Synopsys Extends DesignWare Security, Processor IP Solutions to Address Safety and Security Requirements of Automotive Designs
Semiconductor Energy Laboratory and Silvaco Jointly Develop SPICE Model of Oxide Semiconductor FETs
Synopsys Study Shows Uptick in Vulnerable, Outdated, and Abandoned Open Source Components in Commercial Software
Synopsys To Expand DesignWare Ethernet IP Portfolio with Acquisition of MorethanIP
Open Source FPGA Launches Foundation to Accelerate Widespread Adoption of Programmable Logic
Synopsys and Samsung Foundry Collaboration Delivers High-Performance Physical Signoff on Samsung SAFE Cloud Design Platform
More News 
Featured Video









Submit | More Videos 
Sponsored Videos
Submit | More Videos 
Notices
rss feed
Simulation Word 2024 - Powering Innovation That Drives Human Advancement
Notices 
Editorial
Roberto FrazzoliEDACafe Editorial
by Roberto Frazzoli
Synopsys to sell Software Integrity Group; Micron to get CHIPS Act funding; 3D solution for RFSOI; recyclable PCBs
More Editorial  
Latest Blog Posts
Jean-Marie BrunetSiemens EDA
by Jean-Marie Brunet
The Strategic Advantage in the Hardware-assisted Verification Segment
Bob Smith, Executive DirectorBridging the Frontier
by Bob Smith, Executive Director
Ansys’ John Lee on Cultivating Trust within his Team
Sanjay GangalThe Dominion of Design
by Sanjay Gangal
TSMC Unveils Next-Gen AI Semiconductor Technologies at 30th North America Symposium
Anupam BakshiAgnisys Automation Review
by Anupam Bakshi
The Role of the Portable Stimulus Standard in VLSI Development
More EDA Blogs 
Jobs
Hardware Development Engineer - (PCB) for Cisco Systems Inc at Austin, Texas
Senior Staff Engineer for Samsung Electronics at San Jose, California
Hardware Engineer for PTEC Solutions at Fremont, California
Technical Staff Engineer - Hardware (FPGA) for Microchip at San Jose, California
FPGA Design Verification Engineer for General Dynamics Mission Systems at Dedham, Massachusetts
Senior CAD Engineer for Nvidia at Santa Clara, California
Submit Resume | Post Jobs | More Jobs 
Upcoming Events
SEMICON Southeast Asia 2024 at MITEC Kuala Lumpur Malaysia - May 28 - 30, 2024
3D & Systems Summit - Heterogeneous Systems for the Intelligently Connected Era at Hilton Dresden Hotel An der Frauenkirche 5, 01067 Dresden Germany - Jun 12 - 14, 2024
2024 IEEE Symposium on VLSI Technology & Circuits at HILTON HAWAIIAN VILLAGE HONOLULU HI - Jun 16 - 20, 2024
Design Automation Conference (DAC) 2024 at Moscone West, San Francisco CA - Jun 23 - 27, 2024
Submit | More Events 



© 2024 Internet Business Systems, Inc.
670 Aberdeen Way, Milpitas, CA 95035
+1 (408) 882-6554 — Contact Us, or visit our other sites:
AECCafe - Architectural Design and Engineering TechJobsCafe - Technical Jobs and Resumes GISCafe - Geographical Information Services MCADCafe - Mechanical Design and Engineering ShareCG - Share Computer Graphic (CG) Animation, 3D Art and 3D Models
  Privacy PolicyAdvertise