PCI compliance help via Fortify software

By SearchSoftwareQuality.com Staff 02 Jul 2008 | SearchSoftwareQuality.com

Software quality news and advice Digg This!     StumbleUpon     Del.icio.us

Fortify Software Inc. is making Payment Card Industry Data Security Standard (PCI DSS) 6.6 compliance easier for its customers with the addition of a project template that gives developers, auditors, and managers a PCI-centric view into the security of their software systems.

More information on PCI DSS compliance The realities of PCI DSS 6.6 application code reviews The realities of using WAFs for PCI DSS 6.6 compliance

Beginning June 30, customers using Fortify's cornerstone software security solution, Fortify 360, are able to immediately identify and remediate code level vulnerabilities that violate PCI DSS standards.

Currently, Fortify 360 integrates the results from three analyzers into a central repository where they are separated into folders that correspond to their priority. Fortify 360 offers users the ability to test applications using both static and dynamic analysis capabilities, as well as deploy real-time protection in the form of a software-based application firewall. Fortify representatives say the company is the only one to offer all three solutions.

As of June 30, when section 6.6 of the PCI DSS became mandatory, all merchants are required to implement source code analysis solutions or install a Web application firewall. This is in response to the increase in attacks directed against applications.

In response to the major milestone of section 6.6, Fortify's Security Research Group, working closely with Fortify customers, created an environment for Fortify 360 that both draws attention to critical security flaws and specifically highlights issues that violate the PCI DSS. This new capability for Fortify products is available to customers via download from the Fortify Customer Portal.

Tags: Software security testing tools,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Software security testing tools Commonly-overlooked security flaws in rich Internet applications 10 steps to acing Web app security assessments New tools target software QA, testing: Spring roundup Hack maliciously to boost your software's security What is fuzz testing? What are some ways to use fuzz testing? Why the quality assurance department should be involved in testing Using the Firefox Web Developer extension to find security flaws Top tools for testing Web application security Static analysis tool helps software engineers find bugs during builds Web security: Web services an overlooked entry point for attacks

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary penetration testing  (SearchSoftwareQuality.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary