Fortify Software to Collaborate With HP on Application Lifecycle Security Solutions...

Fortify Software to Collaborate With HP on Application Lifecycle Security
Solutions to Reduce Business Risk

SAN MATEO, Calif., June 10 /PRNewswire/ -- Fortify Software, the market
leading provider of Software Security Assurance solutions, announced today a
collaboration with HP to help customers reduce their business risk by
identifying, prioritizing and fixing critical security vulnerabilities across
the application life cycle. 

Fortify 360's Static Application Security Testing (SAST) technology will be
integrated with HP Application Security Center and HP Quality Center software
solutions to give enterprise users increased visibility into application
security across development, quality assurance and security operations.  

"The combination of these technologies brings together development's security
efforts with software quality and dynamic application security testing," said
John M. Jack, CEO of Fortify Software. "Not only will customers benefit from
increased visibility into the security of their software throughout its
lifecycle, but they will be even better equipped to assess and manage the
overall risk to their business while cutting the costs it takes to perform
these tasks."

Recent studies show that data breaches and cyber attacks on the application
layer continue to rise at an alarming rate, and the National Institute of
Standards & Technology (NIST) notes that 92% of exploitable vulnerabilities
are found in the software. As businesses strive to mitigate the risks posed by
vulnerable software, mandates from organizations such as the Payment Card
Industry (PCI) Security Standard Council make it imperative to address
security through all phases of the software life cycle.

"Enterprise businesses can reduce security risks inherent in their software by
bringing together their development, quality assurance and security operations
groups," said Jonathan Rende, vice president and general manager, Business
Technology Optimization Applications, Software and Solutions, HP. "Combining
Fortify's leading static application security testing technology together with
HP's market-leading quality and web application security solutions delivers
unparalleled visibility across the application lifecycle."

Fortify and HP will first focus on integrating Fortify 360 static application
security testing results into HP Assessment Management Platform (AMP) to give
customers a real-time dashboard view of application security scanning efforts
enterprise-wide. The collaboration also includes integration of Fortify 360
source code security results with HP Quality Center's defect management
system. This will enable customers to seamlessly submit security issues
detected by Fortify 360 source code analysis into HP Quality Center's defect
management system so they can be managed like other software defects.

According to Joseph Feiman, VP and Gartner Fellow, "Conceptually, static tools
test applications from the 'inside out,' whereas dynamic tools test
applications from the 'outside in.' These techniques are complementary, and we
believe that vendors have greater vision if they integrate static and dynamic
testing to increase the breadth of application lifecycle coverage and the
accuracy of vulnerability detection."

About Fortify Software, Inc.
Fortify(R)'s Software Security Assurance products and services protect
companies from the threats posed by security vulnerabilities in
business-critical software applications. Its software security suite - Fortify
360 - drives down costs and security risks by automating key processes of
developing and deploying secure applications. Fortify Software's customers
include government agencies and FORTUNE 500 companies in a wide variety of
industries, such as financial services, healthcare, e-commerce,
telecommunications, publishing, insurance, systems integration and information
management. The company is backed by world-class teams of software security
experts and partners. More information is available at www.fortify.com or
visit our blog.



SOURCE  Fortify Software

Katherine Nellums of Merritt Group, +1-415-247-1663, Nellums@merrittgrp.com,
for Fortify Software