Fortify Software delivers governance to software security

Fortify announced the latest release of its software security suite, Fortify 360, as well as its first-ever hosted software security solution, Fortify Vendor Security Management.

Fortify 360 is a suite of solutions to contain, remove and prevent vulnerabilities in software applications. The latest release now includes governance capabilities allowing enterprises to fully manage their organization-wide Software Security Assurance effort. Fortify Vendor Security Management provides enterprises with analysis technologies through a software-as-a-service offering, enabling companies to inspect the security of applications when source code is not available from commercial software vendors.

The addition of a Web-based SSA Governance module in Fortify 360 allows enterprises to:

• Create and manage a detailed application inventory of all enterprise software, and assign risk profiles to all applications, such as those that are Web-facing, outsourced or built in-house
• Automatically generate appropriate security policies tailored to each risk profile and apply them consistently
• Communicate and track processes via a centralized system accessible to developers and security teams.

Fortify Vendor Security Management is Fortify’s first Software-as-a-Service solution. It enables security teams to assess and verify the security of third-party software while allowing the vendor to stay in control of the process. Software vendors can upload their binaries, have a scan conducted, address any issues, and publish a report summarizing the security of their application back to the security team.