Fortify Software, a provider of Software Security Assurance (SSA) offerings, has debuted hybrid security analysis technology for testing web applications.
Fortify Software claims that the Hybrid 2.0, developed in collaboration with HP, enables teams across the application lifecycle to improve visibility into security risks, increase test accuracy and produce secure web applications through new advances in correlating static and dynamic testing results.
Using correlation techniques, the Hybrid 2.0 connects penetration test results directly to source code analysis results revealing hidden vulnerability relationships and exposing root cause within the application source code. It allows security professionals and development teams to identify and prioritise vulnerabilities, and investigate and remediate security defects in the source code.
The new technology is offered through the integrated offerings of HP Assessment Management Platform (AMP), Fortify Source Code Analysis (SCA) and Program Trace Analyser (PTA). It provides insight into application security by making visible the connection between issues discovered through dynamic and static testing mechanism, Fortify Software said.
Barmak Meftah, chief products officer at Fortify Software, said: Our next generation hybrid analysis technology offers customers a dramatic step forward in achieving their software security assurance goals.
“While other vendors offer point solutions or first-generation capabilities, Fortify and HP are delivering integrated technologies that enable businesses to more effectively reduce risk associated with insecure web applications.