Fortify - Application Security
Recent statistics show that almost half of breaches that cause material damage occur via applications. HP Fortify provides software and services that help organization secure applications to prevent those attacks. This blog serves as a platform for our penetration testers, product managers and marketers, and software engineers to provide analysis and insight regarding both web application security and how organizations can utilize our products and services to better secure their applications. For more information, visit

Release Announcement - Fortify on Demand

The Fortify on Demand February Release includes:

Usage Dashboard

The Fortify on Demand portal now features a fourth dashboard on the landing page where our customers can see at a glance how many assessments of each type (static, dynamic, mobile) have been completed, how many applications have been created and assessed, and how assessments are progressing in relation to the schedules projected in the Service Level Objectives.


We have improved OWASP (Open Web Application Security Project) Top 10 vulnerabilities filtering and reporting.

Open-Source Code

HP Fortify has partnered with Sonatype to provide customers with complimentary information about any open-source software that may be included in their applications. When submitting an application to FoD for assessment, you can now choose to include an open source assessment from Sonatype. The Sonatype technology immediately checks to determine whether any open-source code is included in your payload. It then provides you with a detailed report in the FoD User Interface.   


Mobile Application Testing

Source code is no longer a requirement for mobile premium scans.


Eclipse and Microsoft Visual Studio Plug-ins

Several tools are available within the FoD portal to assist with uploading large files for static assessments. With this release, we have improved the interface and provisioning for our Eclipse and Microsoft Visual Studio Plug-ins.


Enhancements to Support Efficient Assessment Processes

Many of the changes during this release cycle were designed to streamline our internal processes and improve the efficiency with which we perform and manage security assessments. While these changes are not outwardly visible to you, our customers, we hope that you will feel the effects over time as we continue to provide you with the best possible service.


Customers with active accounts can view the detailed release notes here.

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Showing results for 
Search instead for 
Do you mean 
About the Author

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.