Fortify - Application Security
Recent statistics show that almost half of breaches that cause material damage occur via applications. HP Fortify provides software and services that help organization secure applications to prevent those attacks. This blog serves as a platform for our penetration testers, product managers and marketers, and software engineers to provide analysis and insight regarding both web application security and how organizations can utilize our products and services to better secure their applications. For more information, visit

HP Protect sessions--Expanding the horizons of dynamic scanning

At this year’s HP Protect conference in Washington, DC, I will be co-presenting 2 separate talks, one about the WebInspect API and another about HP Fortify and Continuous Monitoring. 


The WebInspect API talk will focus on how organizations can become more efficient. We will discuss how the API can be used to sort out issues of integrating dynamic scanning with the development cycle, as well as how it can help resolve issues with growing pains or inconsistent demand on the dynamic scanning infrastructure. Besides myself, this talk will feature:

  • Brandon Spruth of Morningstar
  • Brooks Garrett from our Fortify on Demand team
  • Jeremy Brooks from WebInspect Development

Brandon Spruth will outline how his organization is using the WebInspect API to automate dynamic scanning with his continuous build environment and what advantages this has brought. Brooks Garrett and I will be covering a solution that uses WebInspect in conjunction with the cloud to overcome demand inconsistencies for dynamic scanning security teams.


For the Continuous Monitoring discussion, I will be co-presenting with Matt Fisher, Solution Architect on the Fortify Federal team. We will talk about the concept and benefits of continuous monitoring of applications for security vulnerabilities, as well as how HP Fortify can facilitate teams to begin their own continuous monitoring programs.


A little bit about myself, I joined the Fortify team 2 years ago initially starting with the SaaS team doing almost every facet of work imaginable from running static scans to dynamic assessments to project management. I switched to the Product Management team in November taking over the position of WebInspect PM.  Since then I have worked closely with many customers to understand the changing aspects in the field of dynamic scanning on an enterprise level.  Outside of the office my interests range from my family to outdoors activities to electronics.



To get more information on Protect 2014 events specific to Fortify, and register, visit


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Showing results for 
Search instead for 
Do you mean 
About the Author

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.