Introducing Fortify
Software Security Assurance
Because Your Most Valuable Software Is Also Your Most Vulnerable
Software Security Assurance (SSA) is a growing industry trend that refers to technologies and techniques that enable you to maximize the flexibility, enhanced capabilities and easy availability of enterprise software without exposing your operations to attacks that can threaten your business. In short SSA answers the question "How do you know your business is secure?"
Fortify's vision and implementation of Software Security Assurance results in applications that are inherently secure and impervious to attack, even if intruders get past network perimeter defenses.
CISO Guide Series
According to Gartner, 75 percent of security breaches are now facilitated by applications. These data security breaches have enormous costs associated with them in terms of time and effort for litigation, remediation, and reputation restoration. Fortify has assembled the CISO's Guide Series, a collection of briefs that provide a checklist of key security activities CISOs and their teams should perform regarding critical initiatives and technologies.
CISO's Guide to Application Security
Getting application security right is hard. But it's easier when you're organized and systematic. In six steps, learn the best practices on how to deploy an application security program.
CISO's Guide to Web 2.0 Security
Web 2.0 is a security nightmare. Learn how to put in place the essential activities to secure rich client interfaces (AJAX, Adobe/Flex) as well as access to social networking sites inside your organization's IT environment.
CISO's Guide to Securing Open Source Software
Open source is cheap, but is it secure? Understand how to implement an open source screening and deployment process that integrates development and security.
CISO's Guide to Outsourcing
Lose control when you outsource? Not necessarily. Learn the essential best practices to adopt to ensure the security of company and customer information when development is not in house.
CISO's Guide to Commercial Off–The–Shelf Software (COTS)
Even in software, off the rack doesn't always mean ready to wear. Learn the ten steps to ensure your COTS deployment is secure.
CISO'S Guide To: Creating and Managing the Secure Development Lifecycle (SDLC)
Impending deadlines can force the release of software that doesn't meet security criteria, so often it's an easy corner to cut. A CISO can face the situation of being the party responsible for security, but without any real authority to control the toll gates of product releases.
Podcasts
Application Security Over-Confidence: Facts & Myths Revealed in the Banking Industry
In a recent survey conducted by Information Security Media Group, respondents say they are more confident in their own applications vs. those developed by third-party service providers ... yet, their internal processes do nothing to justify any level of confidence. Hear Roger Thornton, founder and CTO of Fortify Software, discuss the survey results and his own market perspective.
How Europe's largest e-commerce business secures its applications
Adrian Asher, Chief Security Officer at Betfair, an online UK betting exchange explains how he manages a "culture of security" and protects the Betfair brand in this 20-minute candid interview.
Research Report
2009 Gartner Magic Quadrant for Static Application Security Testing (SAST)
Researching solution providers is critical to choosing the right vendor for you. This detailed Gartner research report offers valuable insight to the market landscape of Static Application Security Testing solutions (SAST) for your organization.
White Papers
The Application Security Imperative - Now is the Time to Protect Your Critical Information Assets
For financial institutions, a dicey economic landscape can translate into a lot more than a credit crunch and wildly fluctuating stocks. Desperate times stimulate criminal activity. And that threat calls for tighter security—not just to satisfy regulators, but also to instill consumer confidence. View the recent survey results by Information Security Media Group, publisher of BankInfoSecurity.com and CUinfoSecurity.com.
Open Source Security Study - How Are Open Source Development Communities Embracing Security Best Practices?
Fortify's Open Source Security Study reveals that the most widely-used open source software packages for the enterprise are exposing users to significant and unnecessary business risk
Achieving Software Security with Wipro Security Assurance Center Services
Powered by Fortify, Wipro's Software Assurance Center (SAC) is a new service that provides Software Security Assurance in a scalable and cost-effective way. Whether you need to identify your most critical application vulnerabilities, achieve compliance or bolster an existing software security initiative, Wipro's SAC can help you achieve your objectives in less time and for less cost.
Advancing Software Security Assurance in the Enterprise - Fortify® SSA Consulting Services
As the number and severity of data security breaches increase, organizations everywhere are finding it necessary to implement practices that will help assure the security of their software. To assist corporations seeking to adopt leading practices in software security, Fortify offers a portfolio of SSA Consulting Services.