New Features Enhance the Industry's Best and Most Widely Used Source Code Analysis Solution

Fortify Source Code Analysis Suite 4.0 builds on Fortify Software's proven record of identifying and eliminating the most security vulnerabilities.

Now, Fortify Source Code Analysis 4.0 introduces important new features that will benefit development, audit, and information security teams for enterprise deployments.

• Expanded support for enterprise deployments

• These include:
• Fortify Manager 4.0 adds new reports and options to its pre-packaged reports. Gain insight and share valuable data with new reports such as the Single Scan Report -- a report that brings together relevant information from an individual scan, including top 10 problem files, vulnerability category distribution and issue totals.
  
  

• Improved report file format support lets organizations create custom reports in more formats, including Microsoft Word

• Fortify Manager's dashboard view can now be personalized to display select projects and groups for each authorized user.
  
  
• Fortify Manager enhances and expands its reporting capabilities for project groups. With Version 4.0, you can report on projects however you define them - per single code module or a logical grouping of many applications.
  
  
• Fortify Manager leverages current investments, and makes permission management significantly easier.
  Users now can:
  • manually define custom user groups
  • select from an organization's existing LDAP-compatible user directory (such as Microsoft Active Directory). Fortify Manager will inherit groups, project permissions and authorization roles already defined by the LDAP directory
• Fortify Manager's database records can be encrypted for increased security.

• Findbugs Integration

  Findbugs, the popular open-source program that discovers over 250 bug types in Java code, has been integrated into Fortify Audit Workbench. Now, developers can review quality and security defects together, saving time and improving the ease of use.

• Touchless Builds

  Get results quickly through easy integration with build and development environments. Complex systems which utilize standard build tools such as Apache ant, Unix make, and Windows make can be analyzed in their entirety with a single Fortify SCA command.

• Results Certification

  This new capability provides source code security auditors and security teams with exact details of what files, settings, and rules were used in an analysis.

• Custom Structural Rules

  Security leads can now create custom structural rules, including rules that search for comments or string literals in C/C++ and Java source code.

• Additional Language Support

  Fortify now offers support for Cold Fusion 5.0 and JSP Expression Language, as well as expanded structural analysis for .NET.

• Storage and Performance Improvements

  The Fortify Source Code Analysis engine now produces highly compressed results files, dramatically reducing storage requirements and upload speeds into Fortify Audit Workbench and Integrated Development Environments.

Get Fortify Software Solutions Now.

Fortify Software products are available in bundles for small to large software projects.

If you would like to contact us about getting started with Fortify Source Code Analysis, or would like more details about Fortify Manager, we have worldwide sales offices and solution provider partners ready to help you.