former Independent Software Vendor | |
Industry | Computer software |
Genre | Software Security Assurance |
Founded | 2003 |
Founder | Ted Schlein of Kleiner, Perkins, Caufield & Byers, Mike Armistead, Brian Chess, Arthur Do, Roger Thornton |
Headquarters | San Mateo, California, United States |
Key people | John M. Jack (former CEO), Jacob West (head of Security Research Group), Brian Chess (former Chief Scientist), Arthur Do (former Chief Architect) |
Owner | Hewlett Packard Company |
Website | HP Software Security web page and HP Fortify Software Security Center Server |
Fortify Software, known now as Fortify, was a California-based software security vendor, founded in 2003 and acquired by Hewlett-Packard in 2010. Fortify is now part of HP Enterprise Security Products in the HP Software business, providing application security products and services for enterprise customers to assess, assure and protect enterprise software and applications from security vulnerabilities.
On September 7, 2016, HPE CEO Meg Whitman announced that the software assets of Hewlett Packard Enterprise, including Fortify, would be spun out and then merged with Micro Focus to create an independent company of which HP Enterprise shareholders would retain majority ownership. Micro Focus CEO Kevin Loosemore called the transaction "entirely consistent with our established acquisition strategy and our focus on efficient management of mature infrastructure products" and indicated that Micro Focus intended to "bring the core earnings margin for the mature assets in the deal - about 80 percent of the total - from 21 percent today to Micro Focus's existing 46 percent level within three years."
Fortify's technical advisory board was composed of Avi Rubin, Bill Joy, David A. Wagner, Fred Schneider, Gary McGraw, Greg Morrisett, Li Gong, Marcus Ranum, Matt Bishop, William Pugh and John Viega.
Fortify created a security research group that maintained the Java Open Review project and the Vulncat taxonomy of security vulnerabilities in addition to the security rules for Fortify's analysis software. Members of the group wrote the book Secure Coding with Static Analysis and published research, including "JavaScript Hijacking", "Attacking the build: Cross build Injection", "Watch what you write: Preventing Cross-site scripting by observing program output" and "Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking".