Fortify Software Introduces Fortify Source Code Analysis Suite 4.0
Sunday, 8 October 2006 Fortify Software, the leading provider of security products that help companies identify, manage and remediate software vulnerabilities, today announced the immediate availability of Fortify Source Code Analysis Suite 4.0. The latest edition of Fortify's award-winning software security suite builds on its proven record of identifying and eliminating the most security vulnerabilities, and introduces important new features that will benefit development, audit, and information security teams for enterprise deployments.
"Securing exposed applications and Web services continues to be a critical enterprise need," said Mike Armistead, Vice President of Products, Fortify Software. "Fortify Source Code Analysis Suite is the de facto standard in source code security analysis and this new version provides significant enhancements based on the experience from our multi-industry, wide-ranging deployments across the globe."
For Information Security teams, Fortify Source Code Analysis 4.0 offers increased support for enterprise deployments, including additional management controls, increased customization capabilities, and expanded reporting abilities. For Software Security Auditors, it provides an enhanced rule writing capability and increased clarity into the analysis process. For Developers, Fortify Source Code Analysis 4.0 brings expanded language support, integration with the popular open-source defect detection tool Findbugs, and a new "touchless build" feature that makes integrations with build and development environments even easier.
"Fortify Source Code Analysis 4.0 delivers enhanced performance and advanced features, providing customers with the confidence that their software is secure and therefore complete," said Barmak Meftah, Vice President of Engineering, Fortify Software. "These new features further enhance the product to better support development and security organizations from the desktop to the enterprise."
About Fortify Source Code Analysis Suite 4.0
Fortify Source Code Analysis Suite delivers market leading capabilities that help security, testing and development teams eliminate security vulnerabilities in software applications. Fortify Software's patent-pending technology delivers the most accurate and reliable results, with low false positives. An extensive knowledge base of secure coding rules provides confidence that critical vulnerabilities will be identified and eliminated in order to make software complete before it is deployed.
Fortify Source Code Analysis Suite is designed to be implemented quickly and efficiently with customer environments, and seamlessly analyzes across application architectural tiers, languages (Java, .NET (C#, VB), C/C++, JSP, PL/SQL, Cold Fusion, T-SQL, & XML), platforms (Windows, Linux, Solaris, AIX, Mac OS X), and systems. In addition, it provides customizable reporting and rules capabilities to provide tailored results that meet different groups' needs.
Fortify Source Code Analysis 4.0 new features include:
-- Expanded Support for Enterprise Deployments, including:
- Fortify Software Security Manager 4.0 adds new reports and options to
its pre-packaged reports. Gain insight and share valuable data with
new reports such as the Single Scan Report -- a report that brings
together relevant information from an individual scan, including top
10 problem files, vulnerability category distribution and issue
totals.
- Improved report file format support lets organizations create custom
reports in more formats, including Microsoft Word.
- Fortify Software Security Manager's dashboard view can now be
personalized to display select projects and groups for each
authorized user.
- Fortify Software Security Manager enhances and expands its reporting
capabilities for project groups. With Version 4.0, you can report on
projects however you define them -- per single code module or a
logical grouping of many applications.
- Fortify Software Security Manager leverages current investments, and
makes permission management significantly easier. Users can now:
* manually define custom user groups
* select from an organization's existing LDAP-compatible user
directory (such as Microsoft Active Directory). Fortify Software
Security Manager will inherit groups, project permissions and
authorization roles already defined by the LDAP directory.
- Fortify Software Security Manager's database records can be encrypted
for increased security.
-- Findbugs Integration: Findbugs, a popular open-source program that
discovers over 250 bug types in Java code, has been integrated into
Fortify Audit Workbench. Now developers can review quality and
security defects together, saving time and improving the ease of use.
-- Touchless Builds: Get results quickly through easy integration with
build and development environments. Complex systems which utilize
standard build tools such as Apache ant, Unix make, and Windows make
can be analyzed in their entirety with a single Fortify SCA command.
-- Results Certification: This new capability provides source code
security auditors and security teams with exact details of what files,
settings, and rules were used in an analysis.
-- Custom Structural Rules: Security leads can now create custom
structural rules, including rules that search for comments or string
literals in C/C++ and Java source code.
-- Additional Language Support: Fortify now offers support for Cold
Fusion 5.0 and JSP Expression Language, as well as expanded structural
analysis for .NET.
-- Storage and Performance Improvements: Fortify Source Code Analysis
engine now produces highly compressed results files, dramatically
reducing storage requirements and upload speeds into Fortify Audit
Workbench and Integrated Development Environments.
About Fortify Software, Inc.
Fortify Software products protect companies from the threats posed by security flaws in business-critical software applications. Its software security products, Fortify Source Code Analysis Suite, Fortify Security Tester and Fortify Application Defense drive down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software's customers include government agencies and Fortune 500 companies in a wide variety of industries such as financial services, healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by a world-class team of software security experts and partners. More information is available at http://www.fortifysoftware.com .
Source: prnewswire
All trademarks and copyrighted information contained herein are the property of their respective owners.
Related Articles
- Spring and Oracle Enhance Open Source Offering
Sunday, 8 October 2006
- IBM Expands Open Source Contributions to Further Enable Web 2.0 Adoption
Sunday, 8 October 2006
- Agilysys and Red Hat Partner To Deliver Open Source Solutions
Sunday, 8 October 2006
- Free Software and Resources Open Flood Gates for Online Trading
Wednesday, 6 September 2006
- SGI Brings Real-Time Performance and Streamlined Cluster Management to Open Source Linux With SGI ProPack 5
Wednesday, 6 September 2006
- Akaza Announces the 2,000th Download of OpenClinica Open Source Clinical Trials Software
Wednesday, 6 September 2006
- LogiXML Announces New Open Source Site for Business Intelligence Applications
Wednesday, 6 September 2006
- LogiXML Announces New Open Source Site for Business Intelligence Applications
Wednesday, 6 September 2006
- MySQL and RealPlayer Certify to the Linux Standard Base
Thursday, 24 August 2006
- Agile Software Company Announces First Open Source Product With Built-In Server Alerts
Thursday, 24 August 2006
- Outerthought Announces Version 1.5 of its Open Source CMS
Thursday, 24 August 2006
- VA Software to Present at SRA's Second Annual Summer Technology Conference
Tuesday, 1 August 2006
- Virtuas Open Source Solutions and Partners Honor the Apache Geronimo Project
Saturday, 29 July 2006
- MindTouch Announces Open Source Framework, Wiki
Friday, 28 July 2006
- The Apache Software Foundation Announces Preliminary Schedule and Registration Opening for Apachecon US 2006
Thursday, 27 July 2006
|
