HPE Security Fortify is a part of application security platform of HPE Security. Software security solutions from HPE Security Fortify cover entire software development lifecycle (SDLC) for mobile, third party and website security.
More than 80% of today’s cyber attacks target applications. An integrated, holistic, approach to application security is crucial for agile development. You need to systematically test and scan all applications, whether they’re developed in-house, by a third-party, open source or off-the-shelf.
Fortify offers application security solutions on-premise and on-demand to cover all of your software security needs including mobile app security and web security.
HPE Security Fortify Software Security Center (SSC) enables any organization to automate any or all aspects of a successful SSA program. SSC is a centralized management repository providing visibility to an organizations entire application security program, helping to resolve security vulnerabilities across the software portfolio. Users can review, manage and prioritize remediation efforts, track software security testing activities, and measure improvements. It allows an organization to measure and control their security posture across many teams and applications.
HPE Security Fortify offers the broadest set of software security testing products that span your Software Development LifeCycle:
• HPE Security Fortify Static Code Analyzer, Static Application Security Testing (SAST)
It is used to identify the root cause of vulnerabilities during development, and prioritizes those critical issues when they are easiest and least expensive to fix. Detects 691 unique categories of vulnerabilities across 22 programming languages and spans over 835,000 individual APIs.
• HPE Security DevInspect
It empowers developers to accelerate development by identifying and remediating security vulnerabilities in source code within the developers environment in real-time, enabling them to integrate security even earlier in the SDLC.
• HPE Security WebInspect, Dynamic Application Security Testing (DAST)
It offers automated dynamic testing that identifies security vulnerabilities and prioritizes the critical issues for root-cause analysis in running Web applications and Web services. Integrates runtime analysis to identify more vulnerabilities by expanding coverage of the attack surface.
• HPE Security Application Defender, Runtime Application Self-Protection (RASP)
It identifies attacks on software vulnerabilities and other security violations in production applications and protects them from exploitation in real time.
• HPE Security Fortify on Demand, Security as a Service (SaaS)
It is a part of the offering that allows easy and flexible way to test the security of your software quickly, accurately, and without dedicating additional resources, or having to install and manage any software.