Fortify - Application Security
Recent statistics show that almost half of breaches that cause material damage occur via applications. HP Fortify provides software and services that help organizations secure applications to prevent those attacks. This blog serves as a platform for our penetration testers, product managers and marketers, and software engineers to provide analysis and insight regarding both web application security and how organizations can utilize our products and services to better secure their applications. For more information, visit www.hp.com/go/fortify

Displaying articles for: April 2014

HP Security and The Internet of Things

The Internet of Things is…well, many things. It's a combination of reality and hype, peril and promise, present and future. Gartner says that by the year 2020 there will be 30 billion Internet of Things devices, and the current technology market is brimming with competitors in this space.

In this short article we'll walk through what the Internet of Things is and isn't, talk about some of its security and privacy implications, and introduce a few initiatives HP Fortify on Demand is working on in this exciting and developing area.

Looking back on a decade of Fortify

It’s been 11 years since I founded Fortify, and I’m still at it. But, it’s fun to look back and see just how far we’ve come…and even more fun to see where we’re headed.

Labels: HP| security

Taxman: Mobile Tax App Privacy & Security

The IRS isn’t the only one after your money. Is your mobile tax app giving away sensitive information?

Fortify on Demand Heartbleed Update

A more personal response to the Heartbleed fiasco and what the Fortify on Demand team is doing to protect customers.

Thoughts on the Heartbleed Bug

The Heartbleed bug is big. It's bigger than most thought it was when they heard about it, and now that the patching dance has begun, people are finally starting to feel the weight of it.

In this short article, we'll cover some basics (what the bug is, what the risks are to organizations) and we'll offer some analysis and commentary, as well.

Ethical hacking...is there a benefit when it comes to security?

Ethical, or legal, hacking is in the news every day. Is this really a saving grace for cybersecurity?

Labels: HP| security

10 ways your mobile phone leaks your sensitive information

We all use mobile phones, but few of us are aware of how careless they can be with our information.

It's not really the phones by themselves, though. It's the applications and how they interact with the operating system.

This article will walk through a few of the common dangers to your data security and privacy that come from poorly coded mobile applications.

HP Security and CSC team up to announce AppSec on Demand

Cyber threats are on the rise and are growing in complexity. Read on to see how organizations can cut down on operational expenses while maintaining an aggressive security posture.

Labels: HP| security

3 things you can do today to improve the security of your web or mobile application

Have you been thinking about taking steps to make sure your company isn't the next security breach headline? All the major software companies agree…it is better to do anything at all than do nothing. In other words, just get started.

Labels: HP| security

Don’t Play the AppSec Blame Game: Positive Interactions Between the Security and Development Teams

Mark Twain said, “If you hold a cat by the tail you learn things you cannot learn any other way.” Now substitute “hold a cat by the tail” with “tell a developer their code stinks.” Either scenario will teach you valuable lessons, and both will give you scratches. But how do you minimize the scratches? By not playing the AppSec Blame Game.

About the Author(s)
  • Adam Cazzolla is a Sr. Security Consultant with HP Fortify on Demand.
  • http://www.danielmiessler.com/about
  • hacker, developer, script junkie [python,ruby,php]
  • Jason Johnson is a Sr. Security Consultant with HP Fortify on Demand.
  • I have a passion for security and endeavor to participate in strong security defenses.
  • Lucas Gates is an Advanced Dynamic Tester with the Fortify On Demand team who enjoys responsible hacking.
  • US Army veteran. IT and infoSec professional since 1994. Founder of HouSecCon. aka m1a1vet
  • Rick Dunnam is an IS security professional with 15+ years experience in Enterprise Security and has consulted for many industry verticals: Banking, CPG, Healthcare, Government, Hospitality, and more
  • Sam Denard is a Senior Security Engineer with HP Enterprise Security.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation