Fortify - Application Security
Recent statistics show that almost half of breaches that cause material damage occur via applications. HP Fortify provides software and services that help organization secure applications to prevent those attacks. This blog serves as a platform for our penetration testers, product managers and marketers, and software engineers to provide analysis and insight regarding both web application security and how organizations can utilize our products and services to better secure their applications. For more information, visit

What You Need to Know About the Logjam Vulnerability

Unknown-1.jpegThere's a new encryption vulnerability called Logjam that's currently getting some attention.


Similar to the Freak SSL vulnerability it has to do with using encryption algorithms that have been deprecated, but the details are slightly different in this case.


Here are a few things you should know about the issue and what you should do about it.

Validating SQL injection security findings with WebInspect’s SQL Injector tool

In the process of application security testing, vulnerability scanning tools like HP WebInspect will report that they’ve found a SQL injection vulnerability. Because this type of vulnerability will sometimes produce a false positive, it is important to validate the finding.

Tags: Fortify

Insight on the SSLv3 POODLE Vulnerability

Poodle-3.jpgThe SSLv3 POODLE attack has been publicly released. Now the questions are being asked about the risks that are involved with the attack and what the steps are to mitigate. We will break down the POODLE attack to the basics to help answer these questions.

Security Demystified: SQL Injection

large_3173827605.jpgDespite very good options for defense, SQL injection is still one of the most common vulnerabilities found across web applications.  What is it, and how can we defend against it?

Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.