Fortify Software Sponsors FindBugs Open Source Project

Fortify Software Inc., a leading provider of security products that help companies identify, manage and remediate software vulnerabilities to mitigate enterprise security risk, today announced that Fortify has joined the FindBugs project as a sponsor, and is helping to expand the functionality of the open source tool, which has had over 200,000 downloads.

FindBugs, originally developed by William Pugh, professor at the University of Maryland, Packard Fellow, and a member of Fortify's Technical Advisory Board, is an open source software tool which looks for bugs in Java programs and detects common coding mistakes. The software is based on the concept of bug patterns, and shows potential problems to programmers as they code.

In addition to its sponsorship, Fortify also announced Findbugs' integration with its award winning Fortify Source Code Analysis product. Developers can run FindBugs in conjunction with Fortify Source Code Analysis, and can then load and view the results from various Fortify tools such as Fortify Audit Workbench and Fortify Software Security Manager, giving developers a central view of all results.

"Bugs are a fact of life. I try as hard as I can to write bug-free code, but still the bugs creep in," said Josh Block, Chief Java technology architect at Google. "Since you can't avoid introducing bugs, it's critical to find and exterminate them. FindBugs is the easiest, most effective way I know to find the bugs that lurk in my code."

"We are proud to support the FindBugs project, as a sponsor and through integration with our Fortify Source Code Analysis product," said Barmak Meftah, Fortify's Vice President of Engineering and Operations. "Our goal of ensuring software security and protecting the vital assets of our customers is complementary to FindBugs' goal of finding bugs in Java software, and we are proud to align ourselves with this open source organization. We look forward to working with FindBugs, and helping them to develop and expand their leading bug-finding tools."

"FindBugs has been a very interesting project, and I'm excited that it has become so widely used and useful," said William Pugh, a professor of Computer Science at the University of Maryland. "When David Hovemeyer, the Ph.D. student who developed FindBugs as part of his thesis, graduated, I was worried that we wouldn't be able to maintain the level of engineering support that a widely used tool such as FindBugs needs, or do many other useful things not easily be funded by academic research grants. The partnership with Fortify Software is a win for everyone. It gives Fortify's customers an integrated tool to detect bugs, and it gives us funds to support and improve the open source FindBugs infrastructure. The partnership with Fortify will help provide us with feedback on the real needs of production developers, and give us a strong and widely deployed platform on which to build additional tools to improve software reliability."

About Fortify Software, Inc.

Fortify Software products protect companies from the threats posed by security flaws in business-critical software applications. Its software security products, Fortify Source Code AnalysisSuite, Fortify Security Tester and Fortify Application Defense, drive down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software is backed by leading investors, including Kleiner, Perkins, Caufield & Byers, and a world-class team of software security advisors and partners. More information is available at http://www.fortifysoftware.com.

About FindBugs

FindBugs looks for bugs in Java programs and is free software, available under the terms of the Lesser GNU Public License. It is written in Java, and can be run with any virtual machine compatible with Sun's JDK 1.4. It can analyze programs written for any version of Java. It can be run from the command line, from within Ant, a GUI tool, or IDE's such as Eclipse and Netbeans. FindBugs was originally developed by David Hovemeyer and Bill Pugh. It is maintained by Bill Pugh, David Hovemeyer, Brian Cole, and a team of volunteers. More information is available at http://findbugs.sourceforge.net .

Related Articles

• Serval Systems Enters North American Retail Management Software Market; Serval Retail Manager Software Extends Presence beyond Native South Africa
  Monday, 15 May 2006



• KnowledgeTree Document Management Software Now Available in Professional and Open Source Editions
  Friday, 12 May 2006



• OpenLogic Launches Consolidated Enterprise Support Offering That Pays Qualified Community Experts to Support Open Source Software
  Tuesday, 9 May 2006



• Unisys Expands Relationship with JBoss for Services Supporting Enterprise - Ready Open Source Applications
  Monday, 8 May 2006



• Hydro Oil and Energy Leverages Scali Software to Manage Norway's Most Powerful Linux Cluster
  Sunday, 7 May 2006



• LogLogic Unveils Project Lasso, Brings Open Source Event Management to Windows
  Tuesday, 2 May 2006



• Exadel to Present on JSF and AJAX Business Solutions at MySQL Users Conference
  Thursday, 20 April 2006



• Neumont University Collaborative Project Among Students and Instructor Results in the Development of New Open Source Technology
  Tuesday, 18 April 2006



• Sun Microsystems Announces Open Source Enterprise Development Tool Project
  Wednesday, 12 April 2006



• Directive Corporation Leverages Pervasive Software Integration for Rapid Deployment of Its Retail Data Mart Solution
  Tuesday, 11 April 2006



• BSDRadius Published Under Open Source
  Sunday, 9 April 2006



• Newest Release of Avocent Management Software Integrates with Cyclades Console Managers
  Thursday, 6 April 2006



• CGA-Canada Partners With Sage Software for CGA Program of Professional Studies
  Thursday, 6 April 2006



• Novell Extends Open Source Leadership With SUSE Linux 10.1
  Tuesday, 4 April 2006



• A NEW CROSS-PLATFORM "TURQUOISE CRM" RELEASED WITH OPEN SOURCE LICENSE
  Wednesday, 22 March 2006