Fortify Software Unlocks Benefits of the Cloud with Software Security Solutions
SAN MATEO, Calif., May 18 /PRNewswire/ — FortifyÃ‚® Software, the market leader in Software Security Assurance (SSA) solutions, today announced the availability of two new white papers, one business-oriented and one technical, intended to help cloud infrastructure providers and their customers understand how to unlock the full benefits of the cloud through software security. The company also announced new capabilities in its Fortify 360 and Fortify on Demand products that include cloud-specific vulnerability analysis, the industry’s first software security Cloud Readiness Scorecard(TM), and remediation capabilities that enable teams not just to evaluate the readiness of their software for cloud environments, but to find and fix security vulnerabilities that could be caused specifically by a move to a cloud environment. The solutions are ideal for both enterprises and agencies that are considering a move to the cloud, and cloud providers that offer shared infrastructure services to clients.
“The shared nature of the cloud dramatically amplifies the need for software security,” said Brian Chess, Ph.D., Founder and Chief Scientist at Fortify Software. “Through an aggressive education campaign and our new product capabilities, we hope to make it easy for cloud providers and cloud consumers to understand and deploy secure software that can be trusted in any environment and unlock the full benefits of the cloud.”
In its report titled, “Security Guidance for Critical Areas of Focus in Cloud Computing“ (Dec. 2009), the Cloud Security Alliance defined numerous benefits of the cloud: “Cloud enhances collaboration, agility, scaling, and availability, and provides the potential for cost reduction through optimized and efficient computing.”
“To fully realize the benefits of cloud computing, customers must trust that infrastructure vulnerabilities – especially the software that cyber-threats target more and more – don’t compromise the cloud’s shared services or open new avenues for hackers to access private information or disrupt business processes,” said Dave Cullinane, Chairman of the Board and Co-Founder of the Cloud Security Alliance.
Fortify’s new business white paper, called “Capturing the New Frontier: How Software Security Unlocks the Power of Cloud Computing”, is intended for anyone involved in evaluating a move to the cloud so that they understand and can address the unique software security risks of the cloud. The technical white paper, called “Software Security in the Cloud: A Technical Perspective”, is aimed at security practitioners and developers interested in gaining a deeper technical understanding of the vulnerabilities inherent to a cloud environment, and how to take action to mitigate these vulnerabilities.
The new cloud-specific capabilities in Fortify 360, an on-premise solution for Software Security Assurance, enables users to test for security issues specific to the cloud; produce a Cloud Readiness Scorecard, which rates an application from weak to strong depending on the number of minor or major fixes required before the application should be moved to the cloud; mitigate vulnerabilities; and then deploy applications safely within cloud environments.
Fortify on Demand, a set of hosted Software-as-a-Service (SaaS) solutions that allow any organization to test and score the security of all software with greater speed and accuracy, is the industry’s first SaaS-based software security solution to test for security issues specific to the cloud and to provide a Cloud Readiness Scorecard.
“Like immunizing themselves against infection, cloud providers can use Fortify 360 or Fortify on Demand to ensure that bad code introduced by one or more customers doesn’t contaminate their cloud offering. They can also create premium offerings around applications or infrastructure where software security has been rigorously applied,” said Chess. “For cloud consumers, our products can ensure that their code is secured and that they can trust their software before the move to this unique shared environment.”
“Capturing the New Frontier: How Software Security Unlocks the Power in Cloud Computing” is available now from Fortify’s web site; “Software Security in the Cloud: A Technical Perspective”, will be published by Fortify’s Security Research Group in mid-June, and will also be available via the web site. The new cloud capabilities, including the Cloud Readiness Scorecard, will be generally available in Fortify 360 and Fortify on Demand later this quarter.
Today’s news comes on the heels of last week’s announcement that Fortify has become a member of the Cloud Security Alliance (http://www.cloudsecurityalliance.org/), where it will contribute its Software Security Assurance experience and participate alongside other security industry leaders in driving awareness of and solutions for cloud security.
FortifyÃ‚®’s Software Security Assurance products and services protect companies from the threats posed by security flaws in business-critical software applications. Its software security suite–Fortify 360–drives down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software’s customers include government agencies and FORTUNE 500 companies in a wide variety of industries, such as financial services, healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by world-class teams of software security experts and partners. More information is available at www.fortify.com, or visit our blog at blog.fortify.com. Find Fortify on Twitter: @Fortify
SOURCE Fortify Software