Case Study: Calix (communications platform provider) achieves faster, more secure software releases with Black Duck (Synopsys)

Releasing Secure Code That Meets Rigorous Standards

Calix, a San Jose–based provider of cloud and software platforms for communications service providers (founded in 1999, ~$480M revenue, 1,400+ customers), manages tens of millions of lines of code and faced growing security and license-compliance risks from both proprietary and open source components. Manual analysis was slow and expensive, and their previous scanning approach wasn’t keeping pace with the surge in reported vulnerabilities.

Calix implemented Synopsys tools—Coverity (SAST), Black Duck (SCA) and Defensics (fuzz testing)—integrated into their Bamboo CI so scans and reports run automatically with daily builds. The result: centralized, actionable reporting and faster, lower-cost remediation; improved security and compliance across releases with issues routed directly into their bug-management workflow.

Calix

Vivek Singh

Director Engineering, Product Engineering Services