Results 1 to 3 of 3
  1.    #1  
    Hi all,

    How this plays out for Palm and/or webOS, I have no idea. However, it is interesting all the same.

    Take care,

    Jay

    HP Acquires Fortify [HP Announces the Acquisition of Security Software Company Fortify]
    Posted August 18th 2010 by Brian Yalung

    HP Acquires Fortify [HP Announces the Acquisition of Security Software Company Fortify] » TFTS – Technology, Gadgets & Curiosities

    HP is in the news again but this time on a business pitch. After dealing with the celebrated sexual harassment case of its former CEO Mark Hurd, HP now announces its plan to acquire security software company Fortify.

    The move is seen as a strategic one. The impending acquisition will place Fortify as part of the Business Technology Optimization application portfolio of HP which will be made available as usual through HP’s sales and service channels.

    Fortify security products and services help aid in providing better security management for companies as far as potential threats to the business software applications are concerned.

    The company’s software evaluates and test software code for security flaws while programs are actually being developed.

    Seen more of as an enterprise play, the new acquisition follows the earlier deals made by HP on Melodeo and Palm.

    It looks like HP is operating on all cylinders despite the personal debacles that have hit their top management exec.
    Please Support Research into Fibromyalgia, Chronic Pain and Spinal Injuries. If You Suffer from These, Consider Joining or Better Yet Forming a Support Group. No One Should Suffer from the Burden of Chronic Pain, Jay M. S. Founder, Leesburg Fibromyalgia/Resources Group
  2.    #2  
    Hi, here is a little more info.

    Take care,

    Jay

    HP Buys Fortify: It's About Time
    by: Dana Gardner August 18, 2010 |

    HP Buys Fortify: It's About Time -- Seeking Alpha

    What took HP (HPQ) so long? Store that thought.

    As we’ve stated previously, security is one of those things that have become everybody’s business. Traditionally the role of security professionals who have focused more on perimeter security, the exposure of enterprise apps, processes, and services to the Internet opens huge back doors that developers unwittingly leave open to buffer overflows, SQL injection, cross-site scripting, and you name it. Security was never part of the computer science curriculum.

    But as we noted when IBM Rational acquired Ounce Labs, developers need help. They will need to become more aware of security issues but realistically cannot be expected to become experts. Otherwise, developers are caught between a rock and a hard place – the pressures of software delivery require skills like speed and agility, and a discipline of continuous integration, while security requires the mental processes of chess players.

    At this point, most development/ALM tools vendors have not actively pursued this additional aspect of quality assurance (QA); there are a number of point tools in the wild that may not necessarily be integrated. The exceptions are IBM Rational and HP, which have been in an arms race to incorporate this discipline into QA. Both have so-called “black box” testing capabilities via acquisition – where you throw ethical hacks at the problem and then figure out where the soft spots are. It’s the security equivalent of functionality testing.

    Raising the ante

    Last year IBM Rational raised the ante with acquisition of Ounce Labs, providing “white box” static scans of code – in essence, applying debugger type approaches. Ideally, both should be complementary – just as you debug, then dynamically test code for bugs, do the same for security: white box static scan, then black both hacking test.

    Over the past year, HP and Fortify have been in a mating dance as HP pulled its DevInspect product (an also-ran to Fortify’s offering) and began jointly marketing Fortify’s SCA product as HP’s white box security testing offering. In addition to generating the tests, Fortify's SCA manages this stage as a workflow, and with integration to HP Quality Center, autopopulates defect tracking.

    We’ll save discussion of Fortify’s methodology for some other time, but suffice it to say that it was previously part of HP’s plans to integrate security issue tracking as part of its Assessment Management Platform, which provides a higher level dashboard focused on managing policy and compliance, vulnerability and risk management, distributed scanning operations, and alerting thresholds.

    In our mind, we wondered what took HP so long to consummate this deal. Admittedly, while the software business unit has grown under now departed CEO Mark Hurd, it remains a small fraction of the company’s overall business. And with the company’s direction of “Converged Infrastructure”, its resources are heavily preoccupied with digesting Palm and 3Com (not to mention, EDS).

    The software group therefore didn’t have a blank check, and given Fortify’s 750-strong global client base, we didn’t think that the company was going to come cheap (the acquisition price was not disclosed). With the mating ritual having predated IBM’s Ounce acquisition last year, buying Fortify was just a matter of time. At least a management interregnum didn’t stall it.

    Finally!

    Disclosure: HP is a sponsor of BriefingsDirect podcasts
    Please Support Research into Fibromyalgia, Chronic Pain and Spinal Injuries. If You Suffer from These, Consider Joining or Better Yet Forming a Support Group. No One Should Suffer from the Burden of Chronic Pain, Jay M. S. Founder, Leesburg Fibromyalgia/Resources Group

Posting Permissions