Fortify Software Security Center is a suite of tightly integrated solutions for fixing and preventing security vulnerabilities in applications. It eliminates software security risk by ensuring that all business software— whether it is built for the desktop, mobile or cloud—is trustworthy and in compliance with internal and external security mandates. Fortify Software Security Center secures all software in the enterprise, regardless of whether it is developed in-house, procured from 3rd party vendors, or running in production.
- Speed triage, audit and testing with central test result access and visibility
- Get siloed teams to collaborate on resolving security issues
- Provide a clear, accurate picture of software risk across your enterprise
- Identify areas for improvement to accelerate the reduction of risk and expense
Fortify Software Security Center
A suite of tightly integrated solutions for identifying, prioritizing, and fixing security vulnerabilities in software. It automates key processes of developing and deploying secure applications. It helps you resolve software vulnerabilities integrating vulnerability analysis across the entire software life cycle—from development to QA testing and even deployed applications.
Application Security Testing
Security testing with Fortify Software Security Center helps you quickly gain an accurate picture of risk in your applications, no matter if they’re developed in-house or by vendors. It provides you with the broadest set of security testing capabilities available, such as:
Fortify Static Code Analyzer (SCA)
Static Analysis, also known as Static Application Security Testing (SAST), is available from Fortify Static Code Analyzer (SCA).
- Detects more types of potential vulnerabilities than any other detection method
- Pinpoints the root cause of vulnerabilities with line-of-code detail
- Helps you identify critical issues during development when they are easiest and least expensive to fix
Dynamic Analysis, also known as Dynamic Application Security Testing (DAST), is available from HP WebInspect.
- Detects vulnerabilities in running Web applications and Web services by simulating comprehensive attack scenarios
- Validates whether a particular vulnerability is in fact, genuinely exploitable
- Speeds remediation by enabling you to know with certainty which issues to address first and why
Fortify on Demand
Fortify on Demand serves the role of an independent, third-party system of record, conducting a consistent, unbiased analysis of an application and providing a detailed tamper-proof report back to the security and development teams.
- Easy to manage: No hardware, no software, and no maintenance
- Fast: Results typically in less than 24 hours for static assessments
- Compliant: Quickly pass compliance PCI, HIPAA, FISMA, and many other standards
- Flexibility: Migrate easily and quickly to the Fortify on-premise solution and vice versa
Secure Development with Fortify
- Fix, track, and report on vulnerabilities through a centralized management server.
- Define the process, policy and controls around your application security program with Governance.
- Manage and control your application security program with our on-premise solution.
- Test the security of any application without any hardware and software to install or manage with Fortify on Demand.
- Leverage the security expertise and experience of our managed services to help start-up or deploy any software security program.