PCI compliance help via Fortify software

By SearchSoftwareQuality.com Staff 02 Jul 2008 | SearchSoftwareQuality.com

Software quality news and advice Digg This!     StumbleUpon     Del.icio.us

Fortify Software Inc. is making Payment Card Industry Data Security Standard (PCI DSS) 6.6 compliance easier for its customers with the addition of a project template that gives developers, auditors, and managers a PCI-centric view into the security of their software systems.

More information on PCI DSS compliance The realities of PCI DSS 6.6 application code reviews The realities of using WAFs for PCI DSS 6.6 compliance

Beginning June 30, customers using Fortify's cornerstone software security solution, Fortify 360, are able to immediately identify and remediate code level vulnerabilities that violate PCI DSS standards.

Currently, Fortify 360 integrates the results from three analyzers into a central repository where they are separated into folders that correspond to their priority. Fortify 360 offers users the ability to test applications using both static and dynamic analysis capabilities, as well as deploy real-time protection in the form of a software-based application firewall. Fortify representatives say the company is the only one to offer all three solutions.

As of June 30, when section 6.6 of the PCI DSS became mandatory, all merchants are required to implement source code analysis solutions or install a Web application firewall. This is in response to the increase in attacks directed against applications.

In response to the major milestone of section 6.6, Fortify's Security Research Group, working closely with Fortify customers, created an environment for Fortify 360 that both draws attention to critical security flaws and specifically highlights issues that violate the PCI DSS. This new capability for Fortify products is available to customers via download from the Fortify Customer Portal.

Tags: Software security testing tools,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Software security testing tools Beating software's cross-site scripting, authentication problems Free tools for Agile testers Put a stop to software espionage by watermarking source code How to make your software tamperproof How can I tell if my software security has been breached? Lesser-known free software testing tools testers should try Demo: Using WebGoat, a free software testing tool Rich Internet applications security testing checklist Finding cross-site scripting (XSS) application flaws checklist Webgoat Tutorial

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary penetration testing  (SearchSoftwareQuality.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary