With the acquisition of Fortify Software by Hewlett-Packard this week, it’s clear that the major vendors are beginning to zone in on application security. As attacks across the security landscape shift toward applications and away from operating systems and the network perimeter, responsibility for security is increasingly shifting toward developers. Although Fortify has been a […]
With the acquisition of Fortify Software by Hewlett-Packard this week, it’s clear that the major vendors are beginning to zone in on application security.
As attacks across the security landscape shift toward applications and away from operating systems and the network perimeter, responsibility for security is increasingly shifting toward developers.
Although Fortify has been a long-time partner of HP, Subbu Iyer, senior director of products for HP Software, said HP felt that the need to bring security and application development teams closer together created a requirement to bring Fortify’s products inside the HP portfolio.
The challenge, said Iyer, is that even when security teams identify issues, there’s no easy process by which those problems can be identified and remediated within the application quality control process.
As companies such as HP and IBM work to solve this issue, however, they are likely to find that relative upstarts such as Coverity and CAST Software are already addressing the issue from a perspective of quality control. Coverity, which recently partnered with Armorize Technologies, is capturing application security data and identifying them as defects during the application development process. CAST Software, meanwhile, includes security issues as part of its tools for analyzing ERP applications.
The end result is that a lot more security issues begin to be addressed during the development process, rather than after the fact.
Unfortunately, it may take a while before IT organizations can alter their processes to take into account new approaches to application security. But as IT organizations address application security issues within the context of the application development process, it means that major improvements to application security and quality are finally in the offing.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
