Sponsored Links
-->

Thursday, January 18, 2018

HPE Fortify Software Security Center Demo 720p - YouTube
src: i.ytimg.com

Fortify Software, later known as Fortify Inc., was a California-based software security vendor, founded in 2003 and acquired by Hewlett-Packard in 2010 to become part of HP Enterprise Security Products.

On September 7, 2016, HPE CEO Meg Whitman announced that the software assets of Hewlett Packard Enterprise, including Fortify, would be merged with Micro Focus to create an independent company of which HP Enterprise shareholders would retain majority ownership. Micro Focus CEO Kevin Loosemore called the transaction "entirely consistent with our established acquisition strategy and our focus on efficient management of mature infrastructure products" and indicated that Micro Focus intended to "bring the core earnings margin for the mature assets in the deal - about 80 percent of the total - from 21 percent today to Micro Focus's existing 46 percent level within three years." The merge concluded on September 1, 2017.


Video Fortify Software



Technical advisory board

Fortify's technical advisory board was composed of Avi Rubin, Bill Joy, David A. Wagner, Fred Schneider, Gary McGraw, Greg Morrisett, Li Gong, Marcus Ranum, Matt Bishop, William Pugh and John Viega.


Maps Fortify Software



Security research

Fortify created a security research group that maintained the Java Open Review project and the Vulncat taxonomy of security vulnerabilities in addition to the security rules for Fortify's analysis software. Members of the group wrote the book, Secure Coding with Static Analysis, and published research, including JavaScript Hijacking, Attacking the build: Cross build Injection, Watch what you write: Preventing Cross-site scripting by observing program output and Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking.


Static Analysis, Static Application Security Testing, SAST | Micro ...
src: 9b74456f2e4bcbc20970-51751c7e8fb38e7c8b474cab6c7dc602.ssl.cf5.rackcdn.com


Offerings

Fortify offerings included Static Application Security Testing and Dynamic Application Security Testing products, as well as products and services to support Software Security Assurance, or repeatable and auditable secure behaviors, over the course of a software application's life cycle.

In February 2011, Fortify also announced Fortify OnDemand, a static and dynamic application testing service.


HPE Security Fortify SCA and SSC, new features to power a DevOps ...
src: i.ytimg.com


See also

  • List of tools for static code analysis

Is it possible to know the Rule ID's of core Fortify rules ...
src: i.stack.imgur.com


References


Jenkins Integration with HP Fortify SSC, HP Fortify SCA and JIRA ...
src: i.ytimg.com


External links

  • Official website
    • Gartner report, on Fortify website
  • Java Open Review Project
  • Software Isn't Complete Unless It's Secure, BusinessWeek, September 26, 2006 - Article on Fortify by Bill Joy

Source of article : Wikipedia