To help make sure their applications are free of the flaws and vulnerabilities that can lead to security breaches, many enterprises are turning to static and dynamic code analysis tools, which offer them ways of examining code early in the app development lifecycle. That’s critical to catching potential disasters early in the process.
HP this week pounced an on opportunity to merge the two approaches to code analysis by purchasing its partner, Fortify, best known for its static code analysis tools. While the move follows rival IBM’s efforts to ramp up its own analysis offerings, HP sees plenty of room for its combined offerings — based on its earlier Hybrid 2.0 work with Fortify — to grow as enterprises realize the need for closer scrutiny of their application code. eSecurity Planet takes a look.
Sometimes, partnering isn’t enough. That’s the case with HP, which is now acquiring a former partner, code analysis vendor Fortify, to better ramp up its capabilities in enterprise application security.
Fortify’s chief claim to fame has been its static analysis tools, which enable developers to scrutinize the code of their applications and hunt for errors and potential security holes. HP, meanwhile, has offered a dynamic analysis tool, geared toward examining programs for flaws while they’re running. Together, the two have been partners on the Hybrid 2.0 Web security solution that paired Fortify’s static analysis with HP dynamic analysis approach.