Friendly: Spyware Doctor v3.8.0.1557
25th September 2008 - Fortify Software sees IBM s late entry into the static analysis marketplace as a limited step in the right direction...
Fortify notes that IT research firm Dataquest reports Fortify s revenue led the entire application security testing market, including IBM s dynamic testing product line.
Competition is always good for the industry, but it s the customer that makes the final decision as to which product or service they source, said Barmak Meftah, Fortify s senior vice president of products and technology.
It s therefore worth noting that Fortify s static analyzer covers 17 programming languages, whereas IBM addresses a lot less. In addition, our analyzer can discover more than 315 types of vulnerabilities, whereas IBM uncovers far fewer, he added. Also, Fortify can support seven major IDEs beyond just IBM Eclipse.
According to Meftah, for IT security experts whose job - particularly in these economically challenging times - depends on ensuring that ALL vulnerabilities are revealed, Big Blue s offering might keep some of the hackers out.
But not all of them.
And the ones that get through will probably be the ones that have architected the most complex attack vectors, he noted.
Meftah went on to say that IBM s offering leads with dynamic security analysis via the Watchfire AppScan pen testing capability.
But, he said, effective communication and interaction with developers requires an extensive inside out, code-level knowledge approach compared to the outside in black box capability that Watchfire brings to the IT security table.
It s also worth recognising, he added, that Fortify s offering was built around the language and environment to optimally support developers.
Of course, application vulnerability is what we have specialized in since we were founded in 2003. IBM, in contrast, has produced mainframes, minicomputers, PCs, and software, he said.
If you want convenience, you go to the convenience store. If you want high quality, however, you go to the specialist, he added.
For more on IBM s entry into static code analysis market: http: tinyurl.com 3pyf2r
For more on Fortify Software: http: www.fortify.com
Software:
OEM SOFTWARE
Комментариев нет:
Отправить комментарий