Fortify Software Wins Infoworld’s Technology Of The Year Award for Best Security Analysis Tool

Palo Alto, Calif. - January 2, 2006 - Fortify Software Inc. today announced its Fortify Source Code Analysis suite has been selected by InfoWorld magazine as the "Best Security Analysis Tool" in the magazine’s "Technology of the Year 2006" issue. Selected for its comprehensive, accurate and configurable ability to discover and prioritize security vulnerabilities in software code, Fortify’s Source Code Analysis suite has already enjoyed significant market traction with customers including Oracle, Wells Fargo, Bank of America, Adobe (formerly Macromedia), eBay and other leading financial services, healthcare and eCommerce companies.

“When I reviewed Fortify Source Code Analysis 3.0 for InfoWorld, I found it offered a remarkable level of technical sophistication,” said Andrew Binstock, Principal Analyst, Pacific Data Works LLC. “Fortify technology not only catches and corrects security vulnerabilities, it also provides useful feedback during the coding process to help educate developers on secure coding practices.”

“Powerful automated tools such as the Fortify Source Code Analysis suite serve a critical role in developing a secure development lifecycle that finds and fixes security vulnerabilities before they put critical corporate and customer data at risk,” said John M. Jack, Chief Executive Officer, Fortity Software. “Being named InfoWorld’s “Best Security Analysis Tool” is a tremendous honor and reinforces our belief that security begins inside, at the application level.”

Fortify’s Source Code Analysis product suite includes sophisticated source code analyzers and reporting capabilities for discovering and prioritizing security vulnerabilities in software code. As the industry’s only cross-tier source code security analysis product, it is capable of following data paths in pursuit of security vulnerabilities across tiers, regardless of programming language. Other suite components combine Fortify’s innovative source code analyzers with a powerful user interface to enable development organizations and security audit teams to rapidly organize, investigate and prioritize results so security flaws can be corrected before dangerous worms, hackers and malicious users can exploit them.

Since InfoWorld’s review in early 2005, Fortify Source Code Analysis is now shipping version 3.1, which includes new analyzers, more than 50 new vulnerability category checks and support for additional languages, such as C#. Additional features will be announced in 2006 as well.

About Fortify Software, Inc.

Fortify Software products protect companies from the threats posed by security flaws in business-critical software applications. Its flagship software security suites, Fortify Source Code Analysis and Fortify Security Tester, drive down costs and security risks by automating key processes of developing secure applications prior to deployment. Fortify Software is backed by leading investors, including Kleiner, Perkins, Caufield & Byers, and a world-class team of software security advisors and partners. More information is available at www.fortifysoftware.com.

Press contact:
Kim Milosevich, OutCast Communication
kim@outcastpr.com
415-392-8282