Fortify on Demand

Static application security testing
Fortify on Demand supports Secure Development at DevOps speed, security testing embedded into the development tool chain and continuous monitoring to protect software running in production.
Savings in development time
More vulnerabilities identified
Reduction in false positives reported
Secure code right from the start
Secure code right from the start

Powered by Fortify Static Code Analyzer, Fortify on Demand Static Assessments detect over 988 unique categories of vulnerabilities across 25 programming languages that span over 999,000 individual APIs.

face to face
Supports 25 languages
Support for ABAP/BSP, ActionScript, Apex, ASP.NET, C# (.NET), C/C++, Classic, ASP (with VBScript), COBOL, ColdFusion CFML, HTML, Java (including Android), JavaScript/AJAX, JSP, MXML (Flex), Objective C/C++, PHP, PL/SQL, Python, Ruby, Swift, T-SQL, VB.NET, VBScript, Visual Basic, and XML.
Various 3
DevOps tool integration

Developer tools to accelerate AppSec integration across existing agile or DevOps processes including: IDE plug-ins, code uploads from build or Continuous Integration (CI) servers, and native integration to bug trackers

Open source component analysis

Open source component analysis, powered by Sonatype, to identify publicly disclosed vulnerabilities and license risks.

Comprehensive scanning coverage
Comprehensive scanning coverage across source code, byte code or object code for any type of application: web, mobile or thick-client.
Book 3
Flexible license models
Flexible static assessment licensing models with singlescan or subscriptions available.
Time forward
Real-time reporting

Real-time vulnerability identification and reporting with Fortify Security Assistant (with subscription only).

Build application security into DevOps

The new SDLC requires an expanded scope of application security - from development, through traditional scanning and testing and into production. Micro Focus Fortify offers end-to-end solutions.

Fortify static assessments can take only minutes
Fortify static assessments can take only minutes

Fortify, a leader and innovator in AppSec, has worked with hundreds of organizations to accelerate application security as a service within DevOps environment. Mature security organizations have capitalized on the proven success of Fortify on Demand to automate and integrate application security as demonstrated through static assessment times.

Close the loop with secure development training
Close the loop with secure development training

Fortify offers comprehensive Application Security training, research and insight, available anytime, anywhere.

release-rel-2021-2-2-5866 | Wed Feb 24 16:38:31 PST 2021
Wed Feb 24 16:38:31 PST 2021