Informa Investment Solutions Selects Fortify SCA to Defend Sensitive Wealth Management Information

Accuracy, efficiency cited in choice of application security’s leading source code analysis solution for protecting $500 billion in mission–critical customer financial data.

PALO ALTO, Calif., October 22, 2007 - Fortify Software Inc., the market leader in enterprise application security solutions, today announced that Informa Investment Solutions (IS), a division of global industry leader Informa plc, is using Fortify® Source Code Analysis (SCA), the industry’s most proven and widely used source code security analysis solution, to protect software applications monitoring more than $500 billion of customer financial data. Informa IS, which provides accurate and comprehensive information and services for wealth management and investment businesses, handles account and transaction information for more than 1,000 financial service providers in the asset and wealth management business. By integrating Fortify SCA into its Security Development Lifecycle (SDL), Informa IS eliminates vulnerabilities in its code prior to deployment, while simultaneously reassuring its customers that every step has been taken to protect their investments.

“One of the reasons our customers chose us is because they know every possible security measure is being taken for their most demanding clients. Security has definitely become a competitive differentiator for us,” said Mark Crockett, Vice President of Technology and CTO of Informa Investment Scorecard. “Auditing at the source code level is the best way to protect applications early in the SDL. Fortify SCA will give us the opportunity to fix vulnerabilities before we push out new versions of our applications. In our view, the alternative is a security breach, and that is simply unacceptable.”

Informa IS, which provides investment performance reports to its client base, hosts sensitive account–level transaction information within its databases, making security a high priority and a business requirement. Informa IS has been a pioneer in recognizing the importance of addressing vulnerabilities early in the software development lifecycle. Informa IS is using Fortify SCA as a “hard tollgate” throughout its security development lifecycle so that code is checked at multiple points before reaching the QA department.

“We want to ensure our developers are adhering to our security development lifecycle,” Crockett added. “A failed Fortify report means they do not get to proceed to the next set of coding work; we’ve integrated it that deeply into our lifecycle.”

Informa IS’ developers are already using Fortify SCA’s customization features to tailor the SDL to meet the company’s specific needs. Fortify SCA does this through new rules–writing wizards with an XML rule editor to create and manage complex custom rules, custom issue tags and custom classification of issues to reduce audit time while improving auditor efficiency, as well as a flexible report wizards allowing users to customize report data.

“Fortify SCA has allowed Informa IS to create a new process for developing code that meets its business objectives while still addressing vulnerabilities at the earliest point in development.,” said Barmak Meftah, Fortify’s Senior Vice President of Products and Services. “Fortify SCA’s ability to provide this customization is really resonating with our customers across all industries, as the rules can be tailored to each industry.”

About Fortify® Source Code Analysis

Fortify SCA analyzes source code to help find and fix software vulnerabilities at the root cause, early in the development cycle, making triage, audits and remediation fast and effective for any organization. Its advanced features help developers identify and resolve issues with less effort, while enabling security leads to review and prioritize more code in less time. Fortify SCA supports a wide variety of languages, frameworks and operating systems, and delivers depth and accuracy in its results. For more information, please visit Fortify’s website at http://www.fortify.com/products/sca/.

About Fortify Software, Inc.

Fortify® Software products protect companies from the threats posed by security flaws in business-critical software applications. Its software security products—Fortify SCA, Fortify Manager, Fortify Tracer and Fortify Defender—drive down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software’s customers include government agencies and FORTUNE 500 companies in a wide variety of industries, such as financial services, healthcare, e–commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by world–class teams of software security experts and partners. More information is available at www.fortify.com.

About Informa Investment Solutions, Inc.

Headquartered in White Plains (N.Y.), Informa Investment Solutions has been providing a broad array of products and services to thousands of investment, trust and wealth management professionals for more than 30 years. The company’s products include investment manager search and evaluation databases and systems, performance measurement and client reporting applications and services, compliance tools, and enterprise solutions to assist investment professionals in financial planning, managing assets and communicating with clients. Informa Investment Solutions, a wholly owned subsidiary of Informa Financial Information, operates from several offices nationwide, including White Plains, N.Y.; Durham, N.C.; Nashville, Tenn.; and Cedar Falls, Iowa. For more information regarding Informa Investment Solutions, please visit www.informais.com.

Fortify Press Contact

North America: Lisa Eskey, Sterling Communications, 1-408-884-5157, leskey@sterlingpr.com
UK: Laura Mead, Johnson King Public Relations, +44 (0)20 7357 7799, lauram@johnsonking.co.uk
Austria, Germany and Switzerland: Ingrid Daschner, Johnson King Public Relations, +49 (0)89 8940 8511, ingridd@johnsonking.de

Informa Press Contact

Dian Luffman, 615-665-1234, Dian.Luffman@informais.com