Fortify Software

Home Partners Security Services Partners

Software Security Service Partners

Highly qualified code auditing, testing and application security process experts bring valued services to a variety of customers. These partners provide a range of security services including application threat modeling, application penetration testing, compliance auditing, independent source code audits and on-going managed services.

Accuvant »

AppSec Consulting »

AsTech »

Cigital »

Denim Group »

Gotham Digital Science »

InfoVision »

Intrepidus Group »

Minded Security »

Pro-G »

QuietMove »

SkillBridge »

Sunera »

SysTest Labs »


621 17th Street, Suite 2425, Denver, CO 80293 Accuvant is a national information security and compliance consulting firm that designs and executes strategies to address large enterprises’ complex information security challenges. Accuvant security advisors help organizations assess risk, improve compliance, and secure infrastructure. For more information, please visit www.accuvant.com.

5201 Great America Parkway, Suite 320, Santa Clara, CA 95054, Tel: 408-730-2655 Key Contact Info: Brian Bertacini Email: brian@appsecconsulting.com Website: www.appsecconsulting.com/ AppSec Consulting provides security compliance and assurance solutions. Our offerings include instructor lead training and eLearning programs, security testing services, remediation consulting and a suite of risk management solutions. AppSec Consulting is a PCI approved vendor.

601 Montgomery Street, Suite 688, San Francisco, CA 94111 Key Contact Info: Steve Stewart Email: steve.stewart@astechconsulting.com Website: www.astechconsulting.com For over six years AsTech’s team of security professionals have conducted full scale security assessments of web facing computer applications including source code analyses, deployment architecture and infrastructure in numerous industries. Our team utilizes advanced analysis tools such as Fortify Software, integrated with a review of application source code, to assess and report risks. AsTech’s extensive experience in the Application Security arena allows us to develop secure applications across a wide range of industries.

21351 Ridgetop Circle, Suite 400, Dulles, VA 20166, Tel: 800 824 0022 Key Contact Info: Désirée M. Campbell Phone: 703-404-5770 Email: dcampbell@cigital.com Website: www.cigital.com Cigital is a consulting firm specializing in software risk management and data security. We help companies protect their most valuable assets: company information, customer data, shareholder value. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable deployment of software that organizations build, buy and integrate.

3463 Magic Drive, Suite 315, San Antonio, TX 78229 Key Contact Info: John Dickson Email: john@denimgroup.com Website: www.denimgroup.com Denim Group is an IT consultancy specializing in custom software development, systems integration and application security. It assists clients with source code reviews, penetration tests, secure development training, SDLC consulting, and source code remediation services.

26 Broadway, Suite 961, New York, NY 10004, USA 162A Putney Bridge Road, London, SW15 2NG, United Kingdom Email: info@gdssecurity.com Website: www.gdssecurity.com Gotham Digital Science (GDS) is an international security services company specializing in secure application development and penetration testing. Our security experts work with clients to assess risk and then design, build, and maintain secure applications and networks. GDS services include Software Security Code Review, Black Box Application Testing, Vulnerability Remediation, Design Reviews, Application Threat Modeling, and Developer Security Training.

800 E. Campbell Road, Suite 388, Richardson, TX 75081 Key Contact Info: Markus Bohlander Email: Markus.Bohlander@infovision.net Website: www.infovision.net InfoVision is a global IT Services and Solutions company that specializes in secure SDLC management, application security assessment, penetration testing, remediation, and secure development services.

One Penn Plaza, Suite 6180, New York, NY 10119 Key Contact Info: Rohyt Belani Email: rohyt.belani@intrepidusgroup.com Website: www.intrepidusgroup.com Intrepidus Group is a premier application security consulting company that specializes in performing source code reviews, web and mobile application penetration tests, and SDLC reviews.

Via Duca D'Aosta, 20 - 50129 Florence (Italy) Key Contact Info: Matteo Meucci Email: matteo.meucci@ mindedsecurity.com Website: www.mindedsecurity.com Minded Security is a global Information Security operator focused on Application Security. Minded Security delivers professional services in order to help Companies to create a secure Software Development Life Cycle. Minded Security bases his consulting approach on the research: Minded Security Research Lab faces the most advanced issued on Application Security and supports Training, Consulting and Testing Professional Services to be at the state of the art.

Pro-G Information Security Ltd., ODTU Teknokent, Gumus Bloklar, No:1, ODTU, Ankara, Turkey Key Contact Info: Burak DAYIOGLU Email: burak.dayioglu@pro-g.com.tr Website: www.pro-g.com.tr Pro-G is a leading IT security consultancy company based in Turkey. Founded in 2002, Pro-G has a strong focus in software development life cycle and security. Through a strong combination of trainings, consultancy and assessment services among with partnerships with leading security product vendors, Pro-G has a strong portfolio to help its enterprise customers build reliable and secure software.

14646 N Kierland Blvd. Suite 100, Scottsdale, AZ 20166 Key Contact Info: Adam Muntner Email: consulting@quietmove.com Website: http://www.quietmove.com Focused on security throughout the entire application lifecycle, QuietMove provides application security training to software architects and developers, performs comprehensive application, network, and database penetration testing, and delivers expert-driven Source Code Analysis utilizing the Fortify Software product line.

240 Bear Hill Road, Suite 206, Waltham, MA 02451, Tel: 781-466-6615 Key Contact Info: Steve Leventhal Email: sleventhal@skillbridgetraining.com Website: www.skillbridgetraining.com SkillBridge provides security related training services. Offerings include courses on Architecture, Design, Programming, Testing, Network and System Administration security, as well as Executive level seminars.

777 S. Harbour Island Blvd. Suite 760, Tampa, FL 33602, Tel: (813) 731-9074 Key Contact Info: Andrew Cannata Email: acannata@sunera.com Website: www.sunera.com Sunera, founded by "Big-4" Partners, Senior Managers and other experienced professionals, is a leading provider of security, risk and controls consulting services throughout the United States, Canada and the United Kingdom. The Information Security and Networking Services (ISNS) practice, staffed exclusively with experienced professionals that have been independently certified by internationally recognized information security organizations, specializes in penetration testing and vulnerability assessment services spanning the broad network perimeter to targeted application source code reviews. Other services include PCI audits and assessments, web application penetration testing, network and application architecture reviews and comprehensive remediation implementation.

216 16th Street, Suite 700, Denver, Colorado 80202 Key Contact Info: Ron Wood Email: rwood@systest.com Website: www.systest.com SysTest Labs provides a full range of software testing and quality assurance (QA) including security vulnerability testing throughout the development lifecycle; project management; software certification; on-site software test consulting and engineering; outsourced software test engineering; automated software test support, development, and execution; test and QA management; and load, stress and performance testing. For more information, visit www.systest.com or call (303) 575-6881.