When it comes to public cloud computing, the single biggest concern for most IT organizations is security. When it comes to security, not all public cloud computing services are created equal. But then again, not all internal IT organizations are as good at security as some public cloud computing services.
To help with this debate, Fortify Software has added vulnerability tests to its suite of security assessment tools -- Fortify 360 for on-premise deployments and Fortify on Demand for IT organizations that prefer to access security tools as a service. In addition, its Cloud Readiness Scorecard can help customers rationally assess cloud computing security.
The Fortify tools rate an application from weak to strong using many of the security guidelines defined by the Cloud Security Alliance, which recently identified the seven deadly security sins of cloud computing. Of course, the Fortify tools can also be used to rate whether an application is suitable for deployment on a private cloud computing platform as well.
The real issue, says Brian Chess, founder and chief scientist for Fortify Software, is to get past all the posturing about what is and is not cloud computing and start focusing on how to secure applications will be delivered using these platforms one way or another.
With the release of these updates, Chess says Fortify Software wants to help people identify which applications really are secure enough for the cloud as opposed to just making overly broad statements about it.