Identify the Cause, not the Symptom

Fortify 360 identifies the root cause of the problem - not just the symptom, providing line-of-code level details for more than 400 categories of vulnerabilities.

Address the Most Serious Issues First

Fortify 360 enables security and development teams to focus on the most important issues first, increasing their productivity and accuracy while avoiding time wasted chasing down false positives. Prioritized results are delivered by correlating analyzer data in a collaborative on-line environment where security and development teams can work together to resolve issues quickly and accurately.

Enterprise Class Detection

With support for 17 development languages, 600,000 component level APIs and the ability to detect vulnerabilities at multiple points in the development lifecycle, Fortify 360 provides the most comprehensive set of capabilities in the market today. This in turn reduces the cost of identifying and fixing vulnerabilities, decreases the chance of critical vulnerabilities going undetected and minimizes the volume of vulnerability processing required to maintain compliance.

Static Analysis of Source Code

Fortify 360's static Source Code Analyzer (SCA) provides root-cause identification of vulnerabilities in source code. SCA is guided by the largest and most comprehensive set of secure coding rules and supports a wide array of languages, platforms, build environments and integrated development environments (IDEs).

Dynamic Analysis of Programs during Testing

Fortify 360's dynamic Program Trace Analyzer (PTA) provides root-cause identification of vulnerabilities during the QA process. Because Fortify 360 PTA works in the background during the application testing process, organizations can easily use their existing test suites and processes to identify vulnerabilities.

Dynamic Analysis of Applications in Production

Fortify 360's dynamic Real-Time Analyzer (RTA) provides root-cause identification of vulnerabilities after an application has been deployed into production. RTA monitors critical software functions and application programming interfaces (APIs) from inside the application itself, provides root-cause identification of vulnerabilities in a real world context.

360 Correlated Analysis

To ensure accurate risk severity, Fortify 360 correlates the results from across its multiple analyzers. This provides an accurate picture of an application's security and ensures development is addressing the most significant issues first.