Open Source Security is the focus for Fortify/Sonatype Integration

On Monday HP announced a partnership with Sonatype to further reduce the risk introduced by open-source software. The integration with Sonatype's component life cycle management (CLM) analysis technology, allows HP Fortify on Demand 's customers to analyze their application's use of open source and 3rd party components, understand the application's components and composition including a "component bill of materials", and uncover know potential security, licensing, policy and quality problems. We  believe this represents the industry's first on-demand application security solution providing a combination of static, dynamic and open source risk analysis.

 

Sonatype Integration.png

 

The open source risk analysis is complementary and can be accessed within the Fortify on Demand portal. To find out more about Sonatype, Fortify on Demand and the open source security solution visit  http://www.sonatype.com/fortify 

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.