(SAST, DAST, IAST, SCA) is designed to build security into all phases of the SDLC. Features include architecture risk analysis which helps developers identify and fix defects and vulnerabilities while they code. Synopsys Intelligent Orchestration moves security checks into CI pipelines. This feature allows organizations to define risk policies, run relevant analyses and get prioritized results. The Coverity SAST solution delivers scalable static analysis that detects security weaknesses in code, ensuring that code meets security standards. BlackDuck, which offers a comprehensive database of open source components, vulnerability, and license information was acquired by Synopsys in 2017. With it, users reduce security and license compliance risks while automatically enforcing existing open source policies and processes.