A prominent semiconductor software company, Synopsys, recently agreed to purchase WhiteHat Security from NTT for around $330 million in cash. The acquisition is expected to complete in the third quarter of the fiscal year 2022.
Jeremiah Grossman, a former Yahoo manager, established WhiteHat in 2001. The organization provides application security solutions and services. Its cloud-based offering includes many security intelligence and vulnerability management products. Since 2019, NTT has owned WhiteHat Security. The company was renamed 'NTT Application Security' after its acquisition.
At critical software development lifecycle (SDL) points, the WhiteHat platform layers out three purpose-built, quick testing solutions and services. They claim to provide precise security insights to DevOps, security teams, and developers when designing and delivering APIs and online apps. In addition, the SaaS platform includes an API that includes tools to streamline operations and automate app security throughout the SDL.
What is the purpose of the acquisition?
WhiteHat Security, according to Synopsys, brings industry-leading app security technology to the table. WhiteHat Security will bolster Synopsys' security portfolio. "WhiteHat Security was a pioneer in SaaS delivery of application security testing," stated Jason Schmitt, general manager of Synopsys Software Integrity Group.
He added, "It brings powerful technology and expertise into our application security portfolio. WhiteHat Security's DAST capabilities complement our strengths, while their expertise in SaaS will accelerate our security testing SaaS capabilities."
WhiteHat Security's most recent service
Vantage Prevent was released in January by NTT and WhiteHat Application Security. The service uses DevOps quality assurance and operational tests to find security flaws in various APIs and web applications. DevOps engineers and developers may use Vantage Prevent to program security testing into delivery pipelines and connectors. Before sending software to production, security staff can address risks and vulnerabilities.
With the addition of WhiteHat Security to the SIG portfolio, the SIG portfolio will now include:
- Static code analysis (SAST) solutions use a single, well-proven tool to handle quality and security issues.
- Dynamic analysis (DAST) solutions that detect security flaws in running applications.
- Software composition analysis (SCA) solutions support dozens of languages and binary formats and can analyze software for open source vulnerabilities, license and compliance concerns.
- Interactive application security testing (IAST) is a category-defining tool that allows enterprises to automate web security testing within DevOps pipelines.
- An Application Security Orchestration and Correlation (ASOC) solution that aggregates, correlates, and prioritizes findings from Synopsys solutions, third-party solutions, open-source solutions, and manual testing.
- As policy as code, a technology thatintelligently integrates application security testing into DevOps pipelines: Test execution is optimized based on policy, risk, code changes, and defect tracking data.
- More than 250 network protocols and file formats are supported by fuzz testing tools that work right out of the box.
- Static analysis, mobile testing services, and dynamic analysis are available as subscription-based security testing services.
- Professional services that assist enterprises in implementing a software security practice, regardless of the maturity level of their development strategy.
- Some of the quickest and most comprehensive approaches for your developers to improve their software security abilities are training and e-learning programs.
