HP delivers comprehensive application security testing

Issued by HP
Johannesburg, 14 Sep 2011

HP today announced a new suite of products for automating and managing application security in the enterprise, including the only integrated application security testing solution available on-premises or on-demand that scales to identify vulnerabilities in thousands of applications.

Application vulnerabilities pose significant threats to enterprises, exposing them to costly and increasing cyber crime. In fact, the Ponemon Institute's Second Annual Cost of Cyber Crime Study, released in August, revealed the median annualised cost of cyber crime incurred by a benchmark sample of organisations was $5.9 million per year, with a range of $1.5 million to $36.5 million each year, per organisation.

The HP Fortify Software Security Centre suite enables customers to automate their Software Security Assurance program, and proactively eliminate vulnerabilities in applications.

Comprising the Static Application Security Testing (SAST) solution, formerly known as the HP Fortify 360 suite, and the Dynamic Application Security Testing (DAST) solution, formerly known as HP Application Security Centre, features of the new suite include:

* Elastic and scalable application security testing capability, called CloudScan, enabling clients to more frequently test applications, delivering faster results.
* Integrated static and dynamic application security testing in real-time, allowing clients to rapidly locate and repair more vulnerabilities in applications with HP WebInsepct Real-Time.
* Ability to quickly scale application testing projects with HP Fortify on Demand, a security as a service solution.

“Enterprises need to secure a wide range of applications from many sources across multiple platforms and environments, and no amount of perimeter security or outside auditing can protect applications from advanced application-layer vulnerabilities,” said Clive Brindley, HP Software Channel Manager, South Africa.

“HP Fortify Software Security Centre is the 'one-stop shop' for everything a client needs for rapid application testing and creating a secure development culture.”

The HP Fortify Software Security Centre suite provides two key capabilities for managing a comprehensive Software Security Assurance program:

* Security testing enables users to identify vulnerabilities throughout the application life cycle - whether applications are developed internally or externally - with three of the most effective software security analysis technologies in use today:

* Static Application Security Testing (SAST) with HP Fortify Static Code Analyser (SCA);
* Dynamic Application Security Testing (DAST) with HP WebInspect; and
* Real-time integration of static and dynamic application security testing techniques, known as real-time hybrid analysis.

* Secure development life cycle automates management, tracking, remediation and governance of enterprise software risk. This enables customers to fix, track and report on vulnerabilities, as well as proactively define process, policy and control of their Software Security Assurance programs.

By removing security vulnerabilities in applications before they are deployed, organisations can reduce their risk of a security breach and apply the savings to growth or innovation. HP Fortify Software Security Centre enables organisations to build or expand their Software Security Assurance programs in the way that best suits their unique needs and budgets.

HP Fortify Software Security Centre is now available worldwide. Additional information is available here.

HP creates new possibilities for technology to have a meaningful impact on people, businesses, governments and society. The world's largest technology company, HP brings together a portfolio that spans printing, personal computing, software, services and IT infrastructure at the convergence of the cloud and connectivity, creating seamless, secure, context-aware experiences for a connected world. More information about HP (NYSE: HPQ) is available at http://www.hp.co.za.

This news advisory contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialise or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including, but not limited to, statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance or market share relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include macroeconomic and geopolitical trends and events; the competitive pressures faced by HP's businesses; the development and transition of new products and services (and the enhancement of existing products and services) to meet customer needs and respond to emerging technological trends; the execution and performance of contracts by HP and its customers, suppliers and partners; the achievement of expected operational and financial results; and other risks that are described in HP's Quarterly Report on Form 10-Q for the fiscal quarter ended April 30, 2011 and HP's other filings with the Securities and Exchange Commission, including, but not limited to, HP's Annual Report on Form 10-K for the fiscal year ended October 31, 2010. HP assumes no obligation and does not intend to update these forward-looking statements.

(c) 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Editorial contacts