Fortify Software developing static/dynamic security technology

HP acquired Fortify earlier this year and Infosecurity got a chance to discuss the Hybrid 2.0 platform with Jacob West, Fortify's director of security research, at last week's RSA Europe event.

Hybrid 2.0, he explained, was developed in close co-operation with HP, and allows IT security teams to correlate penetration test results directly to source code analysis results.

The idea of this correlation, he says, is to reveal hidden vulnerability relationships and expose their root cause within the application source code.

This, in turn, allows security professionals and development teams to more accurately identify and prioritise vulnerabilities, and investigate and remediate security defects in the source code.

"It basically allows the integration of static and dynamic security technologies under one software control system", said West, adding that this process allows IT staff to prioritise their security actions.

During the current fourth quarter, he told Infosecurity, the Hybrid 2.0 software is under active beta test, and the gameplan is to release the software to the company's corporate clients in the first quarter of 2011.

To prepare the way for Hybrid 2.0, Fortify has a published a white paper that details how the software operates, and the problems it solves in the corporate IT security environment.

What’s Hot on Infosecurity Magazine?