Fortify Software Debuts Next-Generation Web Application Hybrid Security Analysis with HP

Advancement of integrated static and dynamic security technology, named Hybrid 2.0, provides more accurate and actionable results to reduce security risks for less cost

(PresseBox) ( London, )
Fortify® Software, the market leader in Software Security Assurance (SSA) solutions, debuted the next generation hybrid security analysis technology for testing web applications. Developed in collaboration with HP, Hybrid 2.0 enables teams across the application lifecycle to improve visibility into security risks, increase test accuracy and produce more secure web applications through new advances in correlating static and dynamic testing results.

Using advanced correlation techniques, Hybrid 2.0 connects penetration test results directly to source code analysis results revealing hidden vulnerability relationships and exposing their root cause within the application source code. This allows security professionals and development teams to more accurately identify and prioritize vulnerabilities, and more productively investigate and remediate security defects in the source code.

"The correlation of both static and dynamic testing solutions increases the accuracy of vulnerability detection, reduction of both falsepositives and false negatives, and broader coverage of the application," said Joseph Feiman, VP and Gartner Fellow.

"Securing applications is imperative given the dramatic rise in softwarebased attacks," states Karl Smith, Head of Security Assurance Services, BT Global Services. "As part of our software security assurance services, within our Secure Network Quickstart programme, we not only look to be comprehensive in our vulnerability discovery, but also reduce cost in all aspects of our programs - especially remediating discovered software flaws. With Hybrid 2.0, Fortify and HP enable my teams to be significantly more productive by dramatically reducing the manual efforts to validate, prioritize, and fix issues discovered through separate application security testing."

Hybrid 2.0 is delivered through the integrated solutions of HP Assessment Management Platform (AMP), Fortify Source Code Analysis (SCA) and Fortify Program Trace Analyzer (PTA). This provides deep insight into application security by making visible the connection between issues discovered through dynamic and static testing mechanism.

"Our next generation hybrid analysis technology offers customers a dramatic step forward in achieving their software security assurance goals," said Barmak Meftah, Chief Products Officer at Fortify Software. "While other vendors offer point solutions or firstgeneration capabilities, Fortify and HP are delivering integrated technologies that enable businesses to more effectively reduce risk associated with insecure web applications."

"Organizations want to reduce the incidence and costs of security risks in their applications," said Jonathan Rende, Vice President and General Manager of Business Technology Optimization Applications in the Software and Solutions organization at HP. "HP and Fortify's Hybrid 2.0 solution address the biggest application vulnerabilities, resulting in reduced business risk and lowered costs for clients."

Many Hybrid 2.0 capabilities are available today, with package availability expected in the second half 2010. For more information on the integrated solution, please visit www.fortify.com.
The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material.
The use of information published here for personal information and editorial processing is generally free of charge. Please clarify any copyright issues with the stated publisher before further use. In the event of publication, please send a specimen copy to service@pressebox.de.