Software security firm Fortify Software today launched a new hosted service designed to provide information security professionals and developers with the means to test code for vulnerabilities.
Fortify on Demand takes some of the core static analysis functionality of the firm's Fortify 360 security suite and combines it with dynamic application security testing powered by WhiteHat Security in a user-friendly software-as-a-service (SaaS) offering.
The technology combines binary and source code analysis to focus on a core set of 90 common vulnerabilities in .Net, Java and PHP languages, which covers "the vast majority of web apps out there today", according to Fortify's senior vice president of products and technology, Barmak Meftah.
It's available in two solution sets: Enterprise Assessment Management and Vendor Security Management, for firms looking to assess internal and third-party software, he explained.
"Any other technology component and traditional security measures would be effective but the software stack is exposing companies to a high level of risk, " he said.
"Fortify on Demand is cheap, low touch and requires little expertise to use – you simply upload the code and get an accurate and comprehensive assessment very expeditiously."
Meftah explained that although the target market for the product is initially the enterprise market, the firm has aspirations to extend this out to small and medium-sized customers.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago