HP is to integrate application security test features from niche market specialist Fortify Software Inc into its application lifecycle management suite.

Fortify 360’s Static Application Security Testing toolset will become available as part of HP’s Application Security Center and HP Quality Center application lifecycle management product lines, the companies have confirmed.

The move supports a need to build security and vulnerability prevention into the enterprise software development and application quality assurance processes, rather than the issue being seen as a separate aspect that’s owned by the security operation.

HP said a first integration step would focus on tying Fortify 360 static application security testing results into HP Assessment Management Platform. This is something that would give a real-time dashboard view of application security scanning efforts enterprise-wide.

The collaboration also includes integration of Fortify 360 source code security results with HP Quality Center’s defect management system. 

This will mean IT shops can submit security issues detected by Fortify 360 source code analysis into HP Quality Center’s defect management system, so they can be managed like other software defects.

Fortify 360 is an integrated dynamic and static analysis system designed to contain if not remove and prevent vulnerabilities in business applications. 

It provides extensive software security and risk management features that is intended to give everything that’s needed to automate, manage and enforce and enterprise security policy. The line being that automation is the only way to ensure the efficiency and success of any security initiative and prevent cyber-criminals hacking in at the business application level.

It allows enterprises to create a detailed application inventory of all enterprise software, assign risk profiles to all applications and then generate appropriate security policies tailored to each risk profile.

HP VP Jonathan Rende said, “Combining Fortify’s static application security testing technology with HP’s quality and web application security solutions delivers visibility across the application lifecycle.”