Fortify Software

Fortify, an HP company

Type	owned by Hewlett Packard Company
Industry	Computer software
Founded	2003
Headquarters	San Mateo, California, U.S.
Key people	John M. Jack (former CEO)
Website	fortify.com and www.hp.com

Fortify Software is a San Mateo, California-based software vendor. The company was founded in 2003 and provides products that identify and remove security vulnerabilities from software applications.^[1][2] Its initial funding was provided by Kleiner, Perkins, Caufield & Byers. In September, 2010, the company announced it was acquired by Hewlett-Packard Company^[3] as part of its HP Software Division. It now operates as an HP company.

Contents 1 Technical Advisory Board 2 Security Research 3 Products 4 See also 5 References 6 External links

Technical Advisory Board

Fortify's technical advisory board includes Avi Rubin, Bill Joy, David A. Wagner, Fred Schneider, Gary McGraw, Greg Morrisett, Li Gong, Marcus Ranum, Matt Bishop, William Pugh and John Viega.

Security Research

Fortify continues to run a security research group which maintains the Java Open Review project^[4] and the Vulncat taxonomy of security vulnerabilities^[5]. Members of the group are also responsible for the book Secure Coding with Static Analysis and for published research, including JavaScript Hijacking^[6], Attacking the build: Cross build Injection^[7], Watch what you write: Preventing Cross-site scripting by observing program output^[8] and Dynamic taint propagation: Finding vulnerabilities without attacking^[9].

Products

The Fortify 360 product suite consists of the following components:^[10]

• Fortify 360 SCA (Source Code Analyzer): a tool for static analysis of application source code
• Fortify 360 PTA (Program Trace Analyzer): a tool for dynamic analysis when an application is running
• Fortify 360 RTA (Real-Time Analyzer): a web application firewall for dynamic analysis of deployed applications in real time
• Fortify 360 Collaboration Module: a web-based collaborative environment for fixing software flaws
• Fortify 360 Application Defense Module: protects Java and .NET_Framework applications from attacks
• Fortify 360 SSA Governance Module: for managing multi-project Software Security Assurance (SSA) programs

In February 2011, HP also announced Fortify On Demand, which provides static and dynamic analysis in the cloud.^[11]

See also

• List of tools for static code analysis

References

1. ^ Software Searches for Security Flaws (English), PCWorld.com, April 5, 2004
2. ^ A New Approach to Fortify Your Software (English), Internetnews.com, April 5, 2004
3. ^ HP Press Release: "HP Completes Acquisition of Fortify Software, Accelerating Security Across the Application Life Cycle." September 22, 2010.
4. ^ "Quality and Solutions for Open source Community"
5. ^ "Software security errors"
6. ^ "JavaScript Hijacking"
7. ^ "Attacking the Build through Cross-Build Injection"
8. ^ "Unknown"
9. ^ "Dynamic taint propagation"
10. ^ Fortify 360
11. ^ SD Times, “HP builds up its Security-as-a-Service .” February 15, 2011.

External links

• Fortify website
• HP Software official site
• HP Software Solutions Community
  • Gartner report, on Fortify website
• Java Open Review Project
• Software Isn't Complete Unless It's Secure, BusinessWeek, September 26, 2006 - Article by Fortify Software Advisor Bill Joy
• Vnunet.com: "Critical Linux Vulnerability Exposed."

Hewlett-Packard Company founders HP: William Hewlett • David Packard • Compaq: Rod Canion • Jim Harris • Bill Murto (HP and Compaq Merged on May 3, 2002)[1] Board of Directors Raymond J. Lane (Executive Chairman) • Marc Andreessen • Lawrence T. Babbio, Jr. • Sari M. Baldauf • Rajiv L. Gupta • John H. Hammergren • G. Kennedy Thompson • Gary M. Reiner • Patricia F. Russo • Dominique Senequier • Shumeet Banerji • Ann Livermore • Meg Whitman Executive Officers Meg Whitman • Todd Bradley • Cathie Lesjak • Dave Donatelli • Vyomesh Joshi • Michael J. Holston • Marty Homlish • Tracy Keogh • Bill Veghte • John Visentin • Jan Zadak • Prith Banerjee Computer hardware products Compaq Presario • Business Desktops • EliteBook • ProBook • Integrity • NonStop • ProLiant • Pavilion • TouchSmart • Mini • HP Envy • Slate 500 Consumer electronics and accessories Calculators • Deskjet • Photosmart • LaserJet • iPAQ • LightScribe • Palm • Scitex • Snapfish Other divisions 3com • ArcSight • Indigo Digital Press • Scitex • Insight Software • Mercury • ProCurve • HP Enterprise Services • TOWER Software Software Autonomy • WebOS • Vertica • HP QuickPlay • HyperSpace OS Discontinued products Compaq Deskpro • Compaq Evo • Compaq Portable • Compaq ProLinea • Compaq ProSignia • Compaq SystemPro • Jornada • Omnibook • iPod+HP • VoodooPC • TouchPad Closed Division VoodooPC • Logoworks HP CEOs List of HP CEO's in Order • Co-founders William Hewlett and David Packard • John A. Young • Lewis E. Platt • Carly Fiorina • Mark Hurd • Léo Apotheker • Meg Whitman Assets HP Garage • HP Labs See also Acquisitions • Agilent • HP spying scandal • Products • Mission: SPACE References ^ Official Press release announcing the closure of the merger. Annual revenue: US$104.2 billion (15% FY 2007) • Employees: 309,000 • Stock symbol: NYSE: HPQ • Website: hp.com