NTT DATA Enters Into Global Strategic Application Security Agreement with Synopsys Software Integrity Group

March 29, 2024

NTT DATA Group Corporation

TOKYO – March 29, 2024 – NTT DATA, a global digital business and IT services leader, and the Synopsys Software Integrity Group, a recognized leader in application security testing, today announced their global collaboration. The collaboration is designed to provide application security solutions supported by advisory and managed services to clients to help them protect against cyber security threats in the software supply chain. This collaboration builds on NTT DATA's recently announced New Global Cybersecurity Strategy and enhances its application security capabilities in NTT DATA's global cybersecurity services portfolio.

NTT DATA and the Synopsys Software Integrity Group introduce a broad portfolio of application security solutions. These solutions enable organizations to manage risk at scale, establish effective compliance, pinpoint and fix software vulnerabilities, and centralize policies and reporting.

NTT DATA plans to integrate elements of the Synopsys Software Integrity Group's industry-leading Polaris Software Integrity Platform^® including Synopsys Black Duck^® software composition analysis (SCA) and Synopsys Coverity^® static application security testing (SAST) into its solution portfolio. By leveraging these solutions, NTT DATA will visualize vulnerabilities in open-source software (OSS) libraries or user source code included in the software components of commercial applications developed by NTT DATA, as well as applications developed by clients. Based on the vulnerability information provided by Synopsys Software Integrity Group's solution offerings, NTT DATA will offer advisory services to enhance security in the software development cycle, as well as provide clients with managed security detection and response services. This will enable NTT DATA to create one picture of risk and transform application security so that clients can improve their risk posture and the AppSec program's total cost of ownership.

According to Synopsys' 14th iteration of the Building Security In Maturity Model (BSIMM), an annual report analysing the software security practices across 130 organizations, including some of the most advanced companies in cloud, financial services, FinTech, ISV, insurance, IoT, healthcare, and technology industries, the use of automated security technology is growing rapidly. Firms are increasingly taking advantage of security automation to enhance manual, subject matter expert–driven security activities to reduce cost and improve effectiveness. Greater automation has enabled organizations to embrace the shift-everywhere philosophy, with automated, event-driven security testing increasing by 200% over the last two years.

Organizations have also made valuable strides in improving the culture of security at their organizations. In fact, the BSIMM14 found that organisations are demanding more from service providers and partners. Expectations for strong vendor security practices grew by 21% as firms held vendors to standards similar to those they use internally.

Additionally, software supply chain practices are gaining traction. Organizations are increasingly building Software Bills of Materials (SBOMs), with a 22% increase in SBOM creation from last year. And when it comes to open source awareness, identifying and controlling open-source risk increased by just under 10% from last year.

"Our agreement with NTT DATA presents a significant milestone that will help to expand the Synopsys Software Integrity portfolio while also supporting NTT DATA in helping to enable and enhance their advisory and managed services teams to protect clients against numerous software security threats," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "Our joint customers are seeing first-hand that a consolidated, integrated security strategy also supports building trust in the software we develop and use on a daily basis. This agreement signals the continued momentum and growth we expect by further extending our world-class application security solutions moving forward."

"At NTT DATA, we never underestimate the immense challenge of cybersecurity, and this collaboration will undoubtedly reinforce our capability in this crucial area. With regulation-driven compliance mandating corporate action and cyberattacks on the rise, cyber services enabled by automation are proving essential to defend against myriad threats targeting software, while enabling companies to do more with less," remarked Hidehiko Tanaka, Senior Vice President, Head of Technology and Innovation General Headquarters, NTT DATA Group Corporation. "Our global arrangement with Synopsys will enable more organizations and companies to leverage the benefits of automated Application Security via NTT DATA's unrivalled reach and technical expertise."