Cigital

{{Short description|American software company}}

{{Infobox company

| name = Cigital

| logo = Cigital logo.svg

| type = Public

| genre =

| foundation = 1992, as Reliable Software Technologies, renamed in 2000 to Cigital[http://www.hoovers.com/company/Cigital_Inc/rthtthi-1-1njdap.html Cigital Inc. profile]

| founder =

| location_city = Dulles, VA

| location_country = U.S.

| location = Mountain View, CA

| locations = Atlanta, Bangalore, Bloomington, Boston, Chicago, Dallas, Minneapolis, New York, Santa Clara, Seattle, London

| area_served = Worldwide

| key_people = Gary McGraw

| industry = software security

| services = Architecture Analysis, Ethical Hacking, Penetration Testing, Static Analysis, Training, Policy Development

| revenue =

| operating_income =

| net_income =

| assets =

| equity =

| owner = Public Company

| parent = Synopsys

| divisions =

| num_employees = 400 security consultants{{cite web|title=The Cigital Story|url=https://www.cigital.com/about/our-story/|publisher=Cigital|accessdate=May 27, 2016|date=May 2016|archive-url=https://web.archive.org/web/20160803230231/https://www.cigital.com/about/our-story/|archive-date=August 3, 2016|url-status=dead}}

| homepage = https://www.synopsys.com/software-integrity.html

| footnotes =

| intl =

| fate = acquired by Synopsys

}}

Cigital was a software security managed services firm based in Dulles, VA.{{Cite news |last= Schafer |title= Cigital Helps Wired World Stay That Way; Dulles Firm Works to Minimize Its Clients' Risks of Software Failure |newspaper= The Washington Post |date= January 25, 2001 |first= Sarah}} The services they offered included application security testing, penetration testing, and architecture analysis. Cigital also provided instructor-led security training and products such as SecureAssist, a static analysis tool that acts as an application security spellchecker for developers.{{cite web |url=http://www.cigital.com/ |title=Home |website=cigital.com}}{{Cite news |last= Johnston |title= Cigital Sees Secure Opportunities; Already Profitable, the 10-Year- Old Software Maker Is Poised to Grow |newspaper= The Washington Post |date= August 26, 2002 |first= Nicholas }}{{Cite news |last= Overly |title= The Download: Dulles-Based Cigital Secures $50M from Private Equity Firm LR Partners (Posted 2013-10-07 15:56:28); Software Security Firm Brings in Private Equity Shop to Expand in Existing Markets, Reach New Ones|newspaper= The Washington Post |date= October 7, 2013 |first= Steven }}

{{Cite news |last= King |title= Town, gown and techies team up in Bloomington|newspaper= Indianapolis Business Journal |date= October 7, 2013 |first= Mason }}

{{Cite news |last= Smeltz |title= Hackers Who Attack U.S. in Line for Lucrative Payoffs|newspaper= Pittsburgh Tribune Review |url-access= |via= |accessdate= October 27, 2012 |date= October 7, 2013 |first= Adam |url=https://www.questia.com/read/1P2-33817615}}{{dead link|date=July 2021}}

History

Cigital was established in 1992 with grants from DARPA.{{cite web|last=Calnan|first=Christopher|title=Praetorian pours profits into new products|url=http://www.bizjournals.com/austin/print-edition/2012/06/22/product-of-experience.html|accessdate=28 June 2013}}{{cite web|title=Reliable Software Technologies Corp.|url=http://sbirsource.com/sbir/firms/3404-reliable-software-technologies-corp|publisher=SBIRSource|accessdate=29 July 2013}} In 1999, the firm created ITS4, which, according to Cigital, was the world's first static analysis tool.{{cite web|title=ITS4: Software Security Tool|url=https://www.cigital.com/its4/|accessdate=21 April 2015|archive-url=https://web.archive.org/web/20150421051420/http://www.cigital.com/its4/|archive-date=21 April 2015|url-status=dead}} The technology in this product was eventually licensed to Kleiner Perkins and used as the basis for the creation of Fortify Software in 2003. In 2010, Fortify was acquired by Hewlett Packard for $300 million.{{cite web|last=Rao|first=Leena|title=HP Acquires Software Security Company Fortify|date=17 August 2010 |url=https://techcrunch.com/2010/08/17/hp-acquires-software-security-company-fortify/|publisher=Tech Crunch}}

BSIMM (Building Security In Maturity Model){{Cite web|url=https://www.bsimm.com/|title=Building Security In Maturity Model {{!}} BSIMM|website=www.bsimm.com|language=en|access-date=2019-08-29}} is a software security measurement framework that helps organizations compare their software security to that of other organizations.{{cite web|last=McGraw|first=Gary|title=Software [In]security: The Building Security In Maturity Model (BSIMM)|url=http://www.informit.com/articles/article.aspx?p=1332285|publisher=InformIT|accessdate=28 June 2013|author2=Brian Chess |author3=Sammy Migues |date=March 16, 2009}} BSIMM was started as a joint project by Cigital and Fortify Software.[https://archive.today/20120918135442/http://www.wallstreetandtech.com/articles/216403548 The Rocky Road To More Secure Code, Wall Street and Technology][https://blogs.wsj.com/digits/2009/03/04/new-effort-hopes-to-improve-software-security/ New Effort Hopes to Improve Software Security, Wall Street Journal]

In 2002, Cigital announced finding a vulnerability in the Visual C++ .NET compiler[https://www.wsj.com/articles/SB101364296255025200 Microsoft's New 'Compiler' Program Has Security Flaw, Consultancy Says. WSJ][http://news.cnet.com/2100-1001-837428.html Flaw spotted in new Microsoft tool. CNet]{{Cite news |title= Net Security Company Reports Flaw|newspaper= Associated Press |date= February 15, 2002 }} (related to a GS compiler flag being inefficient).[http://news.cnet.com/2100-1001-838096.html Was Cigital security warning too hasty? CNet] Cigital was criticized for not following responsible disclosure in this case; however, Cigital has defended its position due to the nature of the vulnerability.

On November 30, 2016, Cigital was acquired by Synopsys, an electronic design automation company.{{Cite news|url=https://news.synopsys.com/2016-11-30-Synopsys-Completes-Acquisitions-of-Cigital-and-Codiscope|title=Synopsys Completes Acquisitions of Cigital and Codiscope|access-date=2018-10-29|language=en}}

Acquisitions

In November 2014, Cigital acquired IViz Security, an information security company in the field of on-demand application penetration testing.

In November 2016, it was announced that Synopsys, Inc. would be acquiring Cigital and Codiscope.{{cite web|title=Synopsys (SNPS) to Acquire Cigital and Codiscope|url=http://www.streetinsider.com/Corporate+News/Synopsys+(SNPS)+to+Acquire+Cigital+and+Codiscope/12216651.html|website=StreetInsider.com|accessdate=11 November 2016|ref=si}}
