Leader in Investment Banking Discovers Secret to Fortifying Large, Diverse Code Base

Customer Business Profile

A leading global investment banking, securities and investment management organization, with worldwide development and business centers.

Security Initiatives

In investment banking, it's essential that IT protect the organization from serious reputation, financial and operations risks. It's well documented that this is best done by eliminating security vulnerabilities at the source: the code itself. Regulatory compliance in the financial industry calls for scalable, repeatable process, and traceability in security audit. With one of the largest distributed development organizations in the finance industry, a secure development lifecycle (SDLC) that could be rolled out across the enterprise was a requirement.

• Key Challenges

  • A secure development process that met compliance criteria
  • Effective enterprise-wide deployment
  • Multi language analysis across tiers
  • Multi-platform support including Solaris, Linux and Windows

Why They Chose Fortify

The combination of diverse systems and a multitude of development languages and platforms presented a challenge that very few software security vendors even attempt to address. A thorough evaluation of options was undertaken to identify if any vendor could deliver on this demanding set of requirements. In the end, Fortify Software was found to have the credentials required to meet the challenge.

A Better Experience

The ability of Fortify Software to find security vulnerabilities across tiers developed in multiple languages and running on a combination of Solaris, Linux and Windows environments was a unique capability. Further, Fortify Software solutions were found to provide rapid time to productivity, high performance in quickly identifying and prioritizing potential threats, and the ability to scale to meet the demands of an enterprise wide security model deployment.

• Fortify Benefits

  • Supported ability to meet compliance criteria
  • Ability to get trained and become productive quickly
  • Scalability to expand across the enterprise

Read more security risk management case studies.