Fortify 360 is a suite of integrated solutions for identifying, prioritizing and fixing security vulnerabilities in software while managing the business of ensuring application security. The cornerstone of Fortify’s recently announced Business Software Assurance framework, Fortify 360 executes on the company’s holistic approach to protecting corporate assets and preventing catastrophic data loss by focusing on the most vulnerable area in the enterprise — the software applications that automate critical business processes.
The first solution set of its kind, Fortify 360 uses patented capabilities to precisely identify the location of deadly vulnerabilities at every phase of development through production. Once identified, Fortify 360 provides the means to manage the complex process of repairing the numerous problems that are usually uncovered, as well as a centralized dashboard for effective management and reporting. Fortify 360 allows companies to implement Business Software Assurance as an ongoing business process, seamlessly connecting security, software development and C-level business management teams.
“It’s not just about the technology, but also about bridging the gap between those in the enterprise responsible for development and security. Security is a low priority in software development compared to functionality, quality and performance, and most business managers are often unaware of the inherent business and security risks of deploying dangerously exposed software,” said Roger Thornton, Fortify’s Chief Technology Officer and founder. “Fortify 360 connects all of these teams, integrating software assurance as a business process throughout the organization.”
Fortify 360 offers:
- Fortify 360 Analysis: applies three integrated levels of analysis including static analysis of the code, dynamic analysis of running applications during QA testing, and real-time monitoring of applications once they have been deployed, providing the most comprehensive security analysis in the market today.
- Audit Workbench: correlates and prioritizes vulnerabilities so that IT and security teams can effectively manage and remediate the most pressing risks first
- Instant Remediation capability: allows rapid response to time-sensitive vulnerabilities affecting deployed applications by delivering patches immediately
- Collaboration Module: provides a shared working environment where security and development teams can work together to resolve vulnerabilities
- Software Security Governance: establishes a centralized security dashboard and control center for effective reporting and trend tracking over multiple applications
In addition to its analysis and remediation processes, Fortify 360 also provides users with regular threat intelligence updates generated by the Fortify Security Research Group, the industry’s only team of researches dedicated to software application security. These updates, known as rulepacks, are well-known throughout the industry for their insight on why real world systems fail and how Fortify customers can best address impending threats.
Reference : Fortify 360
* One open source software defect fix every six minutes
* Security Test with Fortify Security Tester for MS Visual Studio 2005 Team System
* Analyze Application Vulnerabilities with Compuware DevPartner SecurityChecker 2.0