PALO ALTO, Calif., Oct. 2 /PRNewswire/ -- Fortify Software, the leading provider of security products that help companies identify, manage and remediate software vulnerabilities, today announced the immediate availability of Fortify Source Code Analysis Suite 4.0. The latest edition of Fortify's award-winning software security suite builds on its proven record of identifying and eliminating the most security vulnerabilities, and introduces important new features that will benefit development, audit, and information security teams for enterprise deployments. "Securing exposed applications and Web services continues to be a critical enterprise need," said Mike Armistead, Vice President of Products, Fortify Software. "Fortify Source Code Analysis Suite is the de facto standard in source code security analysis and this new version provides significant enhancements based on the experience from our multi-industry, wide-ranging deployments across the globe." For Information Security teams, Fortify Source Code Analysis 4.0 offers increased support for enterprise deployments, including additional management controls, increased customization capabilities, and expanded reporting abilities. For Software Security Auditors, it provides an enhanced rule writing capability and increased clarity into the analysis process. For Developers, Fortify Source Code Analysis 4.0 brings expanded language support, integration with the popular open-source defect detection tool Findbugs, and a new "touchless build" feature that makes integrations with build and development environments even easier. "Fortify Source Code Analysis 4.0 delivers enhanced performance and advanced features, providing customers with the confidence that their software is secure and therefore complete," said Barmak Meftah, Vice President of Engineering, Fortify Software. "These new features further enhance the product to better support development and security organizations from the desktop to the enterprise." About Fortify Source Code Analysis Suite 4.0 Fortify Source Code Analysis Suite delivers market leading capabilities that help security, testing and development teams eliminate security vulnerabilities in software applications. Fortify Software's patent-pending technology delivers the most accurate and reliable results, with low false positives. An extensive knowledge base of secure coding rules provides confidence that critical vulnerabilities will be identified and eliminated in order to make software complete before it is deployed. Fortify Source Code Analysis Suite is designed to be implemented quickly and efficiently with customer environments, and seamlessly analyzes across application architectural tiers, languages (Java, .NET (C#, VB), C/C++, JSP, PL/SQL, Cold Fusion, T-SQL, & XML), platforms (Windows, Linux, Solaris, AIX, Mac OS X), and systems. In addition, it provides customizable reporting and rules capabilities to provide tailored results that meet different groups' needs. Fortify Source Code Analysis 4.0 new features include: -- Expanded Support for Enterprise Deployments, including: - Fortify Software Security Manager 4.0 adds new reports and options to its pre-packaged reports. Gain insight and share valuable data with new reports such as the Single Scan Report -- a report that brings together relevant information from an individual scan, including top 10 problem files, vulnerability category distribution and issue totals. - Improved report file format support lets organizations create custom reports in more formats, including Microsoft Word. - Fortify Software Security Manager's dashboard view can now be personalized to display select projects and groups for each authorized user. - Fortify Software Security Manager enhances and expands its reporting capabilities for project groups. With Version 4.0, you can report on projects however you define them -- per single code module or a logical grouping of many applications. - Fortify Software Security Manager leverages current investments, and makes permission management significantly easier. Users can now: * manually define custom user groups * select from an organization's existing LDAP-compatible user directory (such as Microsoft Active Directory). Fortify Software Security Manager will inherit groups, project permissions and authorization roles already defined by the LDAP directory. - Fortify Software Security Manager's database records can be encrypted for increased security. -- Findbugs Integration: Findbugs, a popular open-source program that discovers over 250 bug types in Java code, has been integrated into Fortify Audit Workbench. Now developers can review quality and security defects together, saving time and improving the ease of use. -- Touchless Builds: Get results quickly through easy integration with build and development environments. Complex systems which utilize standard build tools such as Apache ant, Unix make, and Windows make can be analyzed in their entirety with a single Fortify SCA command. -- Results Certification: This new capability provides source code security auditors and security teams with exact details of what files, settings, and rules were used in an analysis. -- Custom Structural Rules: Security leads can now create custom structural rules, including rules that search for comments or string literals in C/C++ and Java source code. -- Additional Language Support: Fortify now offers support for Cold Fusion 5.0 and JSP Expression Language, as well as expanded structural analysis for .NET. -- Storage and Performance Improvements: Fortify Source Code Analysis engine now produces highly compressed results files, dramatically reducing storage requirements and upload speeds into Fortify Audit Workbench and Integrated Development Environments. About Fortify Software, Inc. Fortify Software products protect companies from the threats posed by security flaws in business-critical software applications. Its software security products, Fortify Source Code Analysis Suite, Fortify Security Tester and Fortify Application Defense drive down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software's customers include government agencies and Fortune 500 companies in a wide variety of industries such as financial services, healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by a world-class team of software security experts and partners. More information is available at www.fortifysoftware.com .
SOURCE Fortify Software, Inc.