Bangalore, November 08, 2016
Synopsys, Inc. (Nasdaq: SNPS) has signed definitive agreements to acquire Cigital, a privately held provider of software security managed and professional services, and Codiscope, a 2015 spinoff of Cigital and provider of complementary security tools. Cigital is a large, global application security firm specializing in professional and managed services for identifying, remediating and preventing vulnerabilities in software applications. Codiscope has transformed the tools and intellectual property created by Cigital into a suite of accessible and streamlined tools for a broad population of developers.
The security of software code throughout the software supply chain is a critical concern for companies across a broad range of industries, from financial services and medical devices to industrial controls and automotive. As the cyber security landscape becomes increasingly complex, many organizations are struggling to determine the right solution in the context of a multitude of point tool offerings and varying vendor strategies, as well as their own IT challenges and priorities. The acquisition of Cigital and Codiscope will add complementary products, services, and a highly skilled workforce to the Synopsys portfolio, enabling Synopsys to offer a comprehensive software security signoff solution.
“Synopsys, Cigital and Codiscope have a shared vision of building security into the software development lifecycle and across the cyber supply chain,” said Andreas Kuehlmann, senior vice president and general manager of the Synopsys Software Integrity Group. “Cigital’s consultants are instrumental in guiding organizations from the earliest stages of security readiness and system maturity, which will provide an impactful addition to Synopsys’ current product-based offering. Codiscope’s developer-focused tools and training modules are important in empowering developers to prioritize security. Together we will be able to provide our customers with a state-of-the-art software security platform.”
“Coupling the managed services and professional services of Cigital with the product strengths of Synopsys really creates something very remarkable: the first true end-to-end provider for software security,” said John Wyatt, Cigital chief executive officer. “We are excited about joining an organization that shares Cigital’s vision of securing the software that is at the heart of every organization by Building Security In. The shared vision of the two companies will provide Cigital the opportunity to accelerate our growth while continuing to deliver consistent, quality services to our clients.”
“Codiscope’s mission of improving the quality of software by creating tools that help developers build and deploy secure code faster is a natural fit in the Synopsys vision of Software Integrity,” said Gary Jackson, Codiscope Chief Executive Officer. “Addressing security at the developer level drives developer productivity, reduces remediation time, and promotes the education of security skills. As the velocity of development increases, security belongs in development, and Codiscope will provide Synopsys critical tools to lead the industry.”
The terms of the deal are not being disclosed. The transaction, which will be funded with a combination of U.S. cash and debt, is subject to Hart Scott Rodino regulatory review and other customary closing conditions, and is expected to close by December 2016. While Synopsys has not yet provided financial guidance for fiscal 2017, our preliminary review indicates that the acquisition is expected to be modestly dilutive to 2017 non-GAAP earnings per share, and is expected to reach breakeven on a non-GAAP basis by the second half of 2018.
About the Synopsys Software Integrity Platform
Through its Software Integrity Platform, Synopsys provides advanced solutions for improving the security and quality of software. This comprehensive platform of automated analysis and testing technologies integrates seamlessly into the software development process and enables organizations to detect and remediate security vulnerabilities, quality defects and compliance issues early in the software development lifecycle, as well as to gain security assurance with and visibility into their software supply chain.