PALO ALTO, Calif., Oct. 2 /PRNewswire/ -- Fortify Software, the leading
provider of security products that help companies identify, manage and
remediate software vulnerabilities, today announced the immediate
availability of Fortify Source Code Analysis Suite 4.0. The latest edition
of Fortify's award-winning software security suite builds on its proven
record of identifying and eliminating the most security vulnerabilities,
and introduces important new features that will benefit development, audit,
and information security teams for enterprise deployments.
"Securing exposed applications and Web services continues to be a
critical enterprise need," said Mike Armistead, Vice President of Products,
Fortify Software. "Fortify Source Code Analysis Suite is the de facto
standard in source code security analysis and this new version provides
significant enhancements based on the experience from our multi-industry,
wide-ranging deployments across the globe."
For Information Security teams, Fortify Source Code Analysis 4.0 offers
increased support for enterprise deployments, including additional
management controls, increased customization capabilities, and expanded
reporting abilities. For Software Security Auditors, it provides an
enhanced rule writing capability and increased clarity into the analysis
process. For Developers, Fortify Source Code Analysis 4.0 brings expanded
language support, integration with the popular open-source defect detection
tool Findbugs, and a new "touchless build" feature that makes integrations
with build and development environments even easier.
"Fortify Source Code Analysis 4.0 delivers enhanced performance and
advanced features, providing customers with the confidence that their
software is secure and therefore complete," said Barmak Meftah, Vice
President of Engineering, Fortify Software. "These new features further
enhance the product to better support development and security
organizations from the desktop to the enterprise."
About Fortify Source Code Analysis Suite 4.0
Fortify Source Code Analysis Suite delivers market leading capabilities
that help security, testing and development teams eliminate security
vulnerabilities in software applications. Fortify Software's patent-pending
technology delivers the most accurate and reliable results, with low false
positives. An extensive knowledge base of secure coding rules provides
confidence that critical vulnerabilities will be identified and eliminated
in order to make software complete before it is deployed.
Fortify Source Code Analysis Suite is designed to be implemented
quickly and efficiently with customer environments, and seamlessly analyzes
across application architectural tiers, languages (Java, .NET (C#, VB),
C/C++, JSP, PL/SQL, Cold Fusion, T-SQL, & XML), platforms (Windows, Linux,
Solaris, AIX, Mac OS X), and systems. In addition, it provides customizable
reporting and rules capabilities to provide tailored results that meet
different groups' needs.
Fortify Source Code Analysis 4.0 new features include:
-- Expanded Support for Enterprise Deployments, including:
- Fortify Software Security Manager 4.0 adds new reports and options to
its pre-packaged reports. Gain insight and share valuable data with
new reports such as the Single Scan Report -- a report that brings
together relevant information from an individual scan, including top
10 problem files, vulnerability category distribution and issue
- Improved report file format support lets organizations create custom
reports in more formats, including Microsoft Word.
- Fortify Software Security Manager's dashboard view can now be
personalized to display select projects and groups for each
- Fortify Software Security Manager enhances and expands its reporting
capabilities for project groups. With Version 4.0, you can report on
projects however you define them -- per single code module or a
logical grouping of many applications.
- Fortify Software Security Manager leverages current investments, and
makes permission management significantly easier. Users can now:
* manually define custom user groups
* select from an organization's existing LDAP-compatible user
directory (such as Microsoft Active Directory). Fortify Software
Security Manager will inherit groups, project permissions and
authorization roles already defined by the LDAP directory.
- Fortify Software Security Manager's database records can be encrypted
for increased security.
-- Findbugs Integration: Findbugs, a popular open-source program that
discovers over 250 bug types in Java code, has been integrated into
Fortify Audit Workbench. Now developers can review quality and
security defects together, saving time and improving the ease of use.
-- Touchless Builds: Get results quickly through easy integration with
build and development environments. Complex systems which utilize
standard build tools such as Apache ant, Unix make, and Windows make
can be analyzed in their entirety with a single Fortify SCA command.
-- Results Certification: This new capability provides source code
security auditors and security teams with exact details of what files,
settings, and rules were used in an analysis.
-- Custom Structural Rules: Security leads can now create custom
structural rules, including rules that search for comments or string
literals in C/C++ and Java source code.
-- Additional Language Support: Fortify now offers support for Cold
Fusion 5.0 and JSP Expression Language, as well as expanded structural
analysis for .NET.
-- Storage and Performance Improvements: Fortify Source Code Analysis
engine now produces highly compressed results files, dramatically
reducing storage requirements and upload speeds into Fortify Audit
Workbench and Integrated Development Environments.
About Fortify Software, Inc.
Fortify Software products protect companies from the threats posed by
security flaws in business-critical software applications. Its software
security products, Fortify Source Code Analysis Suite, Fortify Security
Tester and Fortify Application Defense drive down costs and security risks
by automating key processes of developing and deploying secure
applications. Fortify Software's customers include government agencies and
Fortune 500 companies in a wide variety of industries such as financial
services, healthcare, e-commerce, telecommunications, publishing,
insurance, systems integration and information management. The company is
backed by a world-class team of software security experts and partners.
More information is available at www.fortifysoftware.com .
SOURCE Fortify Software, Inc.