HP Fortify Static Code Analyzer

Platforms of corporate security from Hewlett-Packard company are HP Fortify Static Code Analyzer.

The HP solution of Fortify Static Code Analyzer helps to be convinced of reliability of the software, to cut down expenses, to increase performance and to increase security of the created code. The analyzer scans the source code, defines vulnerability origins, compares and ranges results according to priorities, provides detailed data (up to the level of separate lines with the code) which will help to eliminate gaps in protection.

Main Functions

• Decrease in business risks thanks to detection of vulnerabilities which pose the greatest threat
• Fast detection and elimination of vulnerabilities using repeatedly reproduced protective processes
• Cost reduction on development thanks to determination of vulnerabilities at the early stages SDLC
• Training of developers in the correct encoding techniques
• Consolidation of developers and security experts in a uniform command for search and elimination of gaps in protection

HP Fortify Static Code Analyzer 4.0

On September 20, 2013 provided to HP upgraded version of the platform of corporate security of HP of Fortify Static Code Analyzer (SCA). Version 4.0 allows clients to estimate the security level of the software ten times faster in comparison with the previous versions thanks to application of more perfect algorithms of parallel static testing.

Distribution of cloud and mobile computing led to increase in demand for development tools and applications testing. In modern realities many organizations so hurry to put the new software into operation that they often do not manage to test security of the solutions comprehensively. The result of such "saving of time" is known: the software products used by business even more often contain vulnerabilities which malefactors can use. According to analysts, from 2011 to 2012 the amount of the known vulnerabilities of software grew by 19%. In particular, in 2012 99% of all analyzed appendices were contained, at least, one serious vulnerability. As for so-called "mobile applications", in five years the quantity of weak spots in them grew almost by 800%.

The HP platform of Fortify SCA 4.0 is capable to analyze in parallel several data streams of applications that increases the speed and accuracy of scanning of software many times. This solution provides the following advantages:

• Scanning speed is 10 times higher, and the amount of false positive results are 20% less in comparison with the previous version of a product; the organizations can quicker execute assessment of the software and receive more exact results. (1)
• The improved intellectual reports on security of the software thanks to which IT department receives in the order lists of the problems classified by risk level that helps to eliminate timely vulnerabilities of web applications, mobile, client and server applications.
• Reduction of time which is spent for application development, thanks to more frequent testing and scanning of applications without influence on development process.

Flexible opportunities of deployment for compliance to requirements of the organizations thanks to local access or access on demand. HP Fortify SCA 4.0 provides fast static assessment of security of applications when using provided as service of a cloud solution according to security of applications of HP of Fortify on Demand.