Fortify Software
- ProductsAndServices
- Solutions
- ResourceCenter
- Customers
- Partners
- News and Events
- About
Home 
Products
Detect Vulnerabilities
Overview
Vulnerability Detection
Fortify 360 integrates static source code analysis, dynamic runtime analysis, and real-time monitoring to identify and accurately prioritize the greatest number of critical security vulnerabilities.
Source Code Analyzer (SCA)
The Fortify Source Code Analyzer (SCA) examines every line of code and every program path to identify hundreds of different types of potentially exploitable vulnerabilities early in the development lifecycle, when they're cheapest to fix.
Program Trace Analyzer (PTA)
The Fortify Program Trace Analyzer (PTA) finds vulnerabilities that become apparent only while an application is running. It integrates into a QA test to find vulnerabilities while a functional test is being conducted on an application.
Real-Time Analyzer (RTA)
The Fortify Real-Time Analyzer (RTA) monitors deployed applications in real-time to detect attacks at the instant they occur. In addition to identifying the nature, origin and timing of attacks, RTA can actively defend vulnerable applications until appropriate remediation steps are developed.
360 Correlation
Fortify 360 integrates results from every analyzer in a central repository and correlates them to leverage each analyzer's strengths and produce the most accurate list of vulnerabilities and attacks possible
Contact me about products from Fortify Software
"We strongly believe that Fortify's holistic approach to application security - implementing security during all stages of development, rather than after the fact - proactively helps eliminate business risk and truly safeguards our enterprise against today's ever-changing security threats."
Craig Shumard, CISO, CIGNA
"We looked into a number of tools and tested them against our source base. The vast majority of them could not handle the size, scope and nature of our applications. Of all the products we tested, Fortify came closest to our technical requirements."
Oracle
"Fortify is one of the largest SAST vendors, with strong innovation as well as execution capabilities. It has expanded its technologies beyond SAST into a broader spectrum of application security disciplines that supplement its core SAST capabilities."
Gartner MQ
"Auditing at the source code level is the best way to protect applications early in the SDL. Fortify SCA will give us the opportunity to fix vulnerabilities before we push out new versions of our applications. In our view, the alternative is a security breach, and that is simply unacceptable."
Mark Crockett, Vice President of Technology and CTO of Informa Investment Scorecard
"Fortify is one of the largest SAST vendors, with strong innovation as well as execution capabilities. It has expanded its technologies beyond SAST into a broader spectrum of application security disciplines that supplement its core SAST capabilities."
Gartner MQ
"We are very pleased with our decision to integrate Fortify products into our source code review and applications security audit processes"
Rick Dakin, QSA and Cofounder of Coalfire
© 2010 Fortify Software Inc., Headquartered in San Mateo, CA USA, (650) 358-5600
eNewsletter Sign Up | Software Security Blog | Contact Us | Privacy