Watchfire and Fortify Software Partner to Offer Comprehensive Web Application Security Scanning and Source Code Analysis Solution; Integrated Solution Secures Software Throughout Development Lifecycle.PALO ALTO Palo Alto, city, California Palo Alto (păl`ō ăl`tō), city (1990 pop. 55,900), Santa Clara co., W Calif.; inc. 1894. Although primarily residential, Palo Alto has aerospace, electronics, and advanced research industries. , Calif. & WALTHAM, Mass. -- Fortify Software Fortify Software is a Palo Alto, California-based software vendor. The company was founded in 2003 and provides software security products that identify and remove security vulnerabilities from software applications throughout the development, testing, and deployment cycles. , the leading provider of source code analysis products and Watchfire, the worldwide market-leading provider of web application vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. software and services, today announced a strategic partnership that will integrate the two companies' best-of-breed solutions. The integration of Fortify for·ti·fy v. for·ti·fied, for·ti·fy·ing, for·ti·fies v.tr. To make strong, as: a. To strengthen and secure (a position) with fortifications. b. To reinforce by adding material. (R) Source Code Analysis Suite and Watchfire(R) AppScan(R) will bring to market a single solution to easily identify, analyze and remediate security vulnerabilities throughout the software development lifecycle (SDLC (Synchronous Data Link Control) The primary data link protocol used in IBM's SNA networks. It is a bit-oriented synchronous protocol that is a subset of the HDLC protocol. See SNA, DLC and Microsoft DLC. 1. ). Customers will benefit from a single user interface to view vulnerability data in one dashboard. Correlating source code and web application security scan A test of a network's vulnerabilities. A security scan does not attempt to break into the network illegally; rather it tries to find areas of vulnerability. A security scan uses a variety of automated software tools, typically performing hundreds of routine tests and checks. results will increase the precision of identifying security vulnerabilities, provide critical information that helps users understand the impact vulnerabilities will have on the compiled code, and pinpoint specifically where errors exist -- easing the remediation process. The partnership also includes joint marketing and reselling opportunities. Fortify Source Code Analysis Suite and Watchfire AppScan check for security vulnerabilities throughout the SDLC from development through deployment. AppScan scans web applications in pre- and post-deployment and analyzes them for security vulnerabilities. Fortify Source Code Analysis Suite finds, tracks and helps fix the exact code where security vulnerabilities lie, allowing developers to deliver secure software quickly and efficiently. When combined, the two market-leading solutions will achieve an even higher level of precision in recognizing security vulnerabilities and identifying the exact cause and location of errors within the source code. "Scanning both raw source code and compiled web applications for software vulnerabilities is essential to ensuring the security of application systems," said Bruce H. Bonsall, Chief Information Security Officer, MassMutual Financial Group. "Today we use two different tool sets to accomplish those separate but related tasks. Having one interface to monitor the results of both code scanning and web vulnerability testing of our applications will likely save us time and resources. I like the decision by Fortify and Watchfire to align their development and marketing efforts. By virtue of such a partnership, the integration of the tools isn't left to the end users and they don't need to navigate two different interfaces. That helps simplify things and lets users focus on more important issues." According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Gartner research, "Through 2010, software development organizations that integrate security into their software development life cycles will experience an 80 percent decrease in critical vulnerabilities found in their publicly released software or externally facing web applications."(1) Fortify and Watchfire's integrated solution will bring to market the following advantages to developers and security experts: --An integrated dashboard that will provide high-level visibility across the enterprise enabling companies to pinpoint and identify application vulnerabilities throughout their entire organization --Improved visibility, metrics and compliance reporting --Correlation between Watchfire AppScan and Fortify's Source Code Analysis results will lead to better accuracy and completeness of the findings --The ability to identify, analyze and remediate security vulnerabilities throughout the software development lifecycle (SDLC) with one solution Both the Fortify and Watchfire solutions work with existing development and audit tools, thus increasing the efficiency and accuracy of the software development, testing and resolution processes. "Having built the first patent-pending solution that integrates source code analysis and black-box testing black-box testing - functional testing , we believe it's critical to combine these two capabilities into one solution and deliver a single dashboard interface and increased precision for software security overall," said John M. Jack, Chief Executive Officer, Fortify Software. "We chose to partner with Watchfire not only because they are the undisputed leader in black-box testing and the solution of choice for many of our customers, but because the partnership could quickly deliver on this vision of a best-of-breed, integrated solution demanded by our customers. Together, we can reach a larger audience of customers with a more comprehensive software security solution." "In 2006, research from two leading industry analyst firms indicated that Watchfire is the market-share leader in application security testing Security Testing: (The) Process to determine that an IS (Information System) protects data and maintains functionality as intended. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorisation, solutions. By joining forces with Fortify, the market leader in source code analysis, we have created a very powerful partnership with over 900 combined customers," said Peter McKay
Peter McKay (1925 – 2000) was a Scottish footballer who played mainly for Dundee United and holds the record of being the club's all-time top goalscorer with 158 league , Chief Executive Officer, Watchfire. "Our respective customers are interested in combining both web application scanning and code scanning for an exponentially more secure software development lifecycle that not only yields higher quality applications, but is more cost-effective in the long run. Through this partnership, the market will benefit from an unprecedented and integrated solution combining the industry's most proven and widely adopted technologies." Watchfire and Fortify will conduct joint demonstrations of the AppScan and Source Code Analysis Suite integration at the Cyber Security Executive Summit 2006 on September 13 - 14, 2006 at the Jacob Javits Center in New York City New York City: see New York, city. New York City City (pop., 2000: 8,008,278), southeastern New York, at the mouth of the Hudson River. The largest city in the U.S. . About Fortify Software, Inc. Fortify Software products protect companies from the threats posed by security flaws in business-critical software applications. Its software security products, Fortify Source Code Analysis Suite, Fortify Security Tester and Fortify Application Defense, drive down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software's customers include government agencies and Fortune 500 companies in a wide variety of industries such as financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. , healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by a world-class team of software security experts and partners. More information is available at www.fortifysoftware.com. About Watchfire Watchfire provides Online Risk Management software and services to help ensure the security and compliance of websites. More than 500 enterprises and government agencies, including AXA AXA Anguilla, Anguilla (Airport Code) AXA Alpha Chi Alpha AXA Animal Crossing Ahead (online forum community/guide to the game Animal Crossing) AXA Auxiliary Artery Financial, SunTrust, HSBC HSBC Hongkong and Shanghai Banking Corporation HSBC Humane Society of Broward County (Florida) HSBC Humane Society of Bay County (Bay County, Michigan) , Vodafone, Veterans Affairs and Dell rely on Watchfire to audit and report on issues impacting their online business. Watchfire has been the recipient of several industry honors including the HP/IAPP Privacy Innovation Award, InfoSecurity Product Guide's Hot Security Company 2006, Computerworld's Innovative Technology Award, and "Recommended" rating by Computer Reseller News. Watchfire was named by IDC as the worldwide market-share leader in Web application vulnerability assessment software. Watchfire's partners include IBM Global Services IBM Global Services is the world's largest business and technology services provider. It is the fastest growing part of IBM, with over 190,000 professionals serving customers in more than 160 countries. , Sapient sa·pi·ent adj. Having great wisdom and discernment. [Middle English, from Old French, from Latin sapi , PricewaterhouseCoopers, TRUSTe, Microsoft, Interwoven in·ter·weave v. in·ter·wove , in·ter·wo·ven , inter·weav·ing, inter·weaves v.tr. 1. To weave together. 2. To blend together; intermix. v.intr. , WebTrends, EMC (1) (EMC Corporation, Hopkinton, MA, www.emc.com) The leading supplier of storage products for midrange computers and mainframes. Founded in 1979 by Richard J. Egan and Roger Marino, EMC has developed advanced storage and retrieval technologies for the world's largest companies. Documentum and Mercury. Watchfire is headquartered in Waltham, MA. For more information, please visit www.watchfire.com. Watchfire, WebXM, AppScan, PowerTools, the Bobby Logo and the Flame Logo are trademarks or registered trademarks of Watchfire. All other products, company names, and logos are trademarks or registered trademarks of their respective owners. (1)Source: Gartner Research, "Integrate Security Best Practices and Tools Into Software Development Life Cycle," 10 February 2006, Amrit T. Williams, Neil MacDonald. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion