Cigital was established in 1992 with grants from DARPA.[9][10] In 1999 the firm created ITS4, which according to Cigital, was the world's first static analysis tool.[11] The technology in this product was eventually licensed to Kleiner Perkins and used as the basis for the creation of Fortify Software in 2003. In 2010, Fortify was acquired by Hewlett Packard for $300 million.[12]
BSIMM (Build Security In Maturity Model)[13] is a software security measurement framework that helps organizations compare their software security to other organizations.[14] BSIMM was started as a joint project by Cigital and Fortify Software.[15][16]
In 2002, Cigital announced finding a vulnerability in Visual C++ .Net compiler[17][18][19] (related to a GS compiler flag being inefficient).[20] Cigital was criticized for not following responsible disclosure in this case,[20] however, Cigital has defended its position due to the nature of the vulnerability.[20]
On November 30, 2016, Cigital was acquired by Synopsys, an electronic design automation company.[21]
Acquisitions
In November 2014, Cigital acquired IViz Security, an information security company in the field of on-demand application penetration testing.
In November 2016, it was announced that Synopsys, Inc. would be acquiring Cigital and Codiscope.[22]
^Schafer, Sarah (January 25, 2001). "Cigital Helps Wired World Stay That Way; Dulles Firm Works to Minimize Its Clients' Risks of Software Failure". The Washington Post.
^Johnston, Nicholas (August 26, 2002). "Cigital Sees Secure Opportunities; Already Profitable, the 10-Year- Old Software Maker Is Poised to Grow". The Washington Post.
^Overly, Steven (October 7, 2013). "The Download: Dulles-Based Cigital Secures $50M from Private Equity Firm LR Partners (Posted 2013-10-07 15:56:28); Software Security Firm Brings in Private Equity Shop to Expand in Existing Markets, Reach New Ones". The Washington Post.