Fortify has launched two new whitepapers that are intended to help cloud infrastructure providers and their customers understand how to unlock the full benefits of the cloud through software security.
The business whitepaper ‘Capturing the New Frontier: How Software Security Unlocks the Power of Cloud Computing' is intended for anyone involved in evaluating a move to the cloud so that they understand and can address the unique software security risks of the cloud.
A technical whitepaper ‘Software Security in the Cloud: A Technical Perspective' is aimed at security practitioners and developers interested in gaining a deeper technical understanding of the vulnerabilities inherent to a cloud environment, and how to take action to mitigate these vulnerabilities.
Brian Chess, founder and chief scientist at Fortify, said: “The shared nature of the cloud dramatically amplifies the need for software security. Through an aggressive education campaign and our new product capabilities, we hope to make it easy for cloud providers and cloud consumers to understand and deploy secure software that can be trusted in any environment and unlock the full benefits of the cloud.”
Alongside these launches, the company has also announced new capabilities in its Fortify 360 and Fortify on Demand products. These include cloud-specific vulnerability analysis, a security cloud readiness scorecard and remediation capabilities that, according to Fortify, enable teams not just to evaluate the readiness of their software for cloud environments, but to find and fix security vulnerabilities that could be caused specifically by a move to a cloud environment.
The new cloud-specific capabilities in Fortify 360 enables users to test for security issues specific to the cloud and produce a cloud readiness scorecard, which rates an application from weak to strong depending on the number of minor or major fixes required before the application should be moved to the cloud. They can then mitigate vulnerabilities and deploy applications safely within cloud environments.
Chess said: “Like immunising themselves against infection, cloud providers can use Fortify 360 or Fortify on Demand to ensure that bad code introduced by one or more customers doesn't contaminate their cloud offering.
“They can also create premium offerings around applications or infrastructure where software security has been rigorously applied. For cloud consumers, our products can ensure that their code is secured and that they can trust their software before the move to this unique shared environment.”