Fortify - Application Security
Recent statistics show that almost half of breaches that cause material damage occur via applications. HP Fortify provides software and services that help organization secure applications to prevent those attacks. This blog serves as a platform for our penetration testers, product managers and marketers, and software engineers to provide analysis and insight regarding both web application security and how organizations can utilize our products and services to better secure their applications. For more information, visit

Displaying articles for: September 2013

Mobile Security: Threat Modeling Apple's TouchID

Screen Shot 2013-09-24 at 10.32.11 AM.png


There are three main ways that mobile devices are attacked. With TouchID, Apple is trying to increase mobile device security and protect your device from attacks. 


But is it really effective? Keep reading to hear my thoughts on this technology and what it means for InfoSec.  


Tags: 5s| apple| iphone| TouchID

Account Harvesting: The Fail Trifecta of Web Application Vulnerabilities

trifecta.jpgAt our testing practice here at Fortify on Demand we test a lot of web applications. We get them both as standalone web apps, and we get them as backends to mobile applications. During the course of this work we (too) often come across a serious issue that we refer to as Account Harvesting.


I call it a vulnerability, but really it’s really an uber-vuln—a brutal combination of three separate issues that are cause for significant concern when present simultaneously on the same app. It’s the fail trifecta of authentication security...

Announcing HP ArcSight Application View-protect your applications

Arcsight application view.pngWith the evolution of threats targeting applications as the weakest link in the security

ecosystem, it’s becoming more and more difficult to keep your information safeguarded. See how HP ArcSight Application View can help

Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.