Fortify introduces new cloud readiness scorecard system

The software security assurance vendor says that the new cloud-readiness scorecard and report features of its software offers guidelines on what organisations need to do to ensure that their software applications that run their businesses are cloud-ready.

Brian Chess, Fortify's chief scientist, told Infosecurity that the main issue with cloud computing is that, outside of a small number of IT security professionals, most of the IT world looks at the cloud and sees a security risk.

"Users are, however, starting to understand the benefit potential that adopting cloud computing offers them, but they are getting to grips with the security risks involved", he said.

"I think the main issue for most organisations is whether they trust their software sufficiently to allow it out of the company door and into the cloud. If they do - great. If they don't that's when they need to review their security plans", he added.

Despite the extra cost of private clouds, Chess says that users can still save a lot of money by migrating their IT systems and software to a cloud computing platform.

"Our view is that larger enterprises will be slower to adopt the cloud than newer and smaller companies. The good news is that we are seeing more and more companies becoming a lot more aware of the benefits of cloud computing and cloud security", he said.

The new cloud readiness scorecard features of Fortify 360 and Fortify on Demand are billed as allowing IT managers and their teams to not only evaluate the readiness of their software for cloud environments, but to find and fix security vulnerabilities that could be caused specifically by a move to a cloud environment.

"For cloud consumers, our products can ensure that their code is secured and that they can trust their software before the move to this unique shared environment", he added.

What’s Hot on Infosecurity Magazine?