Security Products
Showing results for 
Search instead for 
Do you mean 

Open Source Security is the focus for Fortify/Sonatype Integration

CaroleLoomis ‎02-27-2014 11:45 AM - edited ‎07-07-2015 12:59 PM

On Monday HP announced a partnership with Sonatype to further reduce the risk introduced by open-source software. The integration with Sonatype's component life cycle management (CLM) analysis technology, allows HP Fortify on Demand 's customers to analyze their application's use of open source and 3rd party components, understand the application's components and composition including a "component bill of materials", and uncover know potential security, licensing, policy and quality problems. We  believe this represents the industry's first on-demand application security solution providing a combination of static, dynamic and open source risk analysis.


Sonatype Integration.png


The open source risk analysis is complementary and can be accessed within the Fortify on Demand portal. To find out more about Sonatype, Fortify on Demand and the open source security solution visit 

About the Author


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
1-3 December 2015
Discover 2015 London
Discover 2015 in London, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
November 2015
Software Online Expert Days
Join us online to talk directly with our Software experts.
Read more
View all