Fortify - Application Security
Recent statistics show that almost half of breaches that cause material damage occur via applications. HP Fortify provides software and services that help organization secure applications to prevent those attacks. This blog serves as a platform for our penetration testers, product managers and marketers, and software engineers to provide analysis and insight regarding both web application security and how organizations can utilize our products and services to better secure their applications. For more information, visit www.hp.com/go/fortify

WebInspect Web Proxy Attack String Obfuscation Automation

Web Inspect.jpgSee how HP WebInspect Web Proxy application tool can be a useful feature for obfuscation of attack strings with various types of character set encodings to help bypass Web Application Firewalls (WAF).

Authenticated application security tests vs. unauthenticated

robots.jpg

 

It’s generally true that unauthenticated tests are faster and cheaper than authenticated scans but are they really giving a complete picture of an application's security posture?

Header security – The new novelette

PHYSED blog480 with credit.jpgDo you want to provide extra layers of protection for your website users without a great deal of investment? With some simple HTTP header configurations, your website can boost the defense against injection attacks, SSL enforcement issues, information aggregation, and more.

5 trends in the future of software security

software security 2.jpgSoftware security—over the past decade, we’ve seen a lot of changes. At HP Protect, we'll be looking forward and discussing the 5 trends that you can expect to see in the future of software security.  

Sacrificing application security to meet demands? Not with HP Fortify!

HP-Fortify-On-Demand.jpgHP Protect is coming up fast, and there’s so much to take in while you’re there. Surrounded by the best in security, you’ll want to make time to attend a few HP Fortify demos. Remember: There's no need to sacrifice your application security when you've got HP Fortify in your corner!

Making the Case for Application Security Testing

small__5474825330.jpgRunning into the seemingly never-ending struggle to get some priority in your organization for application security testing? Consider the following thoughts which may aid your cause.

Looking Out and Looking In

insider_threat_solutions.jpgAre you testing your internal applications for vulnerabilities?  You really should be.

The Slow Death of Manual Testing

2014-06-04_11-51-21.pngWe’ve seen the future and the future is scary...read a bit more about an alarming trend in the assessment and security consulting industry.

 

File Inclusion – The Underdog of Security Vulnerabilities

file_inclusion.jpg

 Not seen on OWASP's Top Ten since before 2010, that means file inclusion vulnerabilities don't exist anymore, right?

HP Fortify security solutions at HP Discover 2014

HP Discover.pngAt HP Discover, we offer hands-on activities for all attendees. Read more about session TNG3405, Fortify Security Solutions, in this post. 

How ShadowLabs empowers Fortify

 

meticon.pngAfter attending Defcon this year and talking with others in the industry, I realized that I need to let you in on our group here at Fortify On Demand.

 

Continue reading to learn the more about ShadowLabs and how you can join our advanced testing team.

Defend your mobile applications in a mobile society

WPImage_DefenseForMobileApps.jpgHave you noticed the shift in our society? It is not uncommon for everyone to be on their mobile devices at all times. The prevalence of these devices has created additional security threats for individuals and organizations alike. Continue reading to find out steps you can take today to better protect yourself and your organization.

Introducing Fortify On Demand

Welcome to the HP Fortify On Demand blog! In our first inaugural article we will introduce the latest offering from HP Fortify On Demand at www.FortifyMyApp.com.

Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
  • Abhishek Rath is a Security Consultant with Fortify on Demand based out of New York City, New York. His areas of expertise are application security testing, risk management and building application security programs for the Global and Fortune 100. He can be reached at Abhishek.Rath@hp.com
  • Adam Cazzolla is a Sr. Security Consultant with HP Fortify on Demand.
  • http://www.danielmiessler.com/about
  • hacker, developer, script junkie [python,ruby,php]
  • Jason Johnson is a Sr. Security Consultant with HP Fortify on Demand.
  • I have a passion for security and endeavor to participate in strong security defenses.
  • Lucas Gates is an Advanced Dynamic Tester with the Fortify On Demand team who enjoys responsible hacking.
  • US Army veteran. IT and infoSec professional since 1994. Founder of HouSecCon. aka m1a1vet
  • Rick Dunnam is an IS security professional with 15+ years experience in Enterprise Security and has consulted for many industry verticals: Banking, CPG, Healthcare, Government, Hospitality, and more
  • Sam Denard is a Senior Security Engineer with HP Enterprise Security.
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.