Software security testing firm Fortify has unveiled Fortify on Demand, a stripped back version of its on-premise 360 product, that will offer software assessment through the cloud.
The company said that SaaS Fortify on Demand integrates source and binary code analysis with web application scanning to provide assessments on core set of over 90 vulnerabilities found in the most popular applications.
Speaking to CBR about the new platform, Barmak Meftah, SVP of products and technologies at Fortify, said that the company was hoping to attract more businesses from the SMB space. Fortify on Demand is a cheaper offering than 360 and can provide SMBs with access to expertise that they may otherwise lack. It also removes the need to install on-premise software.
“Our current customer base in the big business,” Meftah said. “But this is the start of an expansion into the SMB area. They can be constrained by issues of cost and complexity and this is a cheap and easy way to access our services. That’s the main benefit of on-demand delivery. It offers SMBs peace of mind with software that they have acquired.”
Fortify’s software security testing platforms focus on three phases – assessment, remediation and prevention. Meftah said that customers can get their software supplier to upload applications to Fortify’s platform, where the code can be tested for any potential issues before the firm reports back to the customer or software supplier.
Meftah added that while it makes sense to offer assessment in the cloud, the remediation and prevention will remain an on-premise activity. “It may shift there if the software is developed in the cloud but at the moment it makes sense to keep it on-premise. Diagnosis should be quick and easy, which means it suits the cloud, while prevention and remediation should be a long-term, high-level process.”
Fortify on Demand is available on a two tiered pricing structure. One is priced at $3,500 or €3,500 per scan per year for a single application. The other comes in at $10,000 or €10,000 a year for unlimited tests.
