2215 Bridgepointe Pkwy, Suite 400
94404 San Mateo, CA, us
+44 (20) 71832-832
Fortify Software Debuts Next-Generation Web Application Hybrid Security Analysis with HP
Advancement of integrated static and dynamic security technology, named Hybrid 2.0, provides more accurate and actionable results to reduce security risks for less cost
Using advanced correlation techniques, Hybrid 2.0 connects penetration test results directly to source code analysis results revealing hidden vulnerability relationships and exposing their root cause within the application source code. This allows security professionals and development teams to more accurately identify and prioritize vulnerabilities, and more productively investigate and remediate security defects in the source code.
"The correlation of both static and dynamic testing solutions increases the accuracy of vulnerability detection, reduction of both falsepositives and false negatives, and broader coverage of the application," said Joseph Feiman, VP and Gartner Fellow.
"Securing applications is imperative given the dramatic rise in softwarebased attacks," states Karl Smith, Head of Security Assurance Services, BT Global Services. "As part of our software security assurance services, within our Secure Network Quickstart programme, we not only look to be comprehensive in our vulnerability discovery, but also reduce cost in all aspects of our programs - especially remediating discovered software flaws. With Hybrid 2.0, Fortify and HP enable my teams to be significantly more productive by dramatically reducing the manual efforts to validate, prioritize, and fix issues discovered through separate application security testing."
Hybrid 2.0 is delivered through the integrated solutions of HP Assessment Management Platform (AMP), Fortify Source Code Analysis (SCA) and Fortify Program Trace Analyzer (PTA). This provides deep insight into application security by making visible the connection between issues discovered through dynamic and static testing mechanism.
"Our next generation hybrid analysis technology offers customers a dramatic step forward in achieving their software security assurance goals," said Barmak Meftah, Chief Products Officer at Fortify Software. "While other vendors offer point solutions or firstgeneration capabilities, Fortify and HP are delivering integrated technologies that enable businesses to more effectively reduce risk associated with insecure web applications."
"Organizations want to reduce the incidence and costs of security risks in their applications," said Jonathan Rende, Vice President and General Manager of Business Technology Optimization Applications in the Software and Solutions organization at HP. "HP and Fortify's Hybrid 2.0 solution address the biggest application vulnerabilities, resulting in reduced business risk and lowered costs for clients."
Many Hybrid 2.0 capabilities are available today, with package availability expected in the second half 2010. For more information on the integrated solution, please visit www.fortify.com.
The use of information published here for personal information and editorial processing is generally free of charge. Please clarify any copyright issues with the stated publisher before further use. In the event of publication, please send a specimen copy to firstname.lastname@example.org.