Jump to navigation
Personalize your experience, access trials and downloads, and more.
The rapid adoption of mobile devices and the explosion of mobile apps has created a significant security challenge for organizations. Already stretched IT security teams are now responsible for mobile app security but often don’t have the resources and skills to thoroughly assess and score the risk in the rapid mobile deployment model. In addition, mobile apps are an easy target for hackers, putting your customers' private data at risk
HPE Security Fortify on Demand helps you meet the mobile challenge with a comprehensive mobile application security solution and the added benefit of being delivered as a managed service—relieving IT of the burden to do it all in-house.
Use our Basic assessments during the build process to analyze code, find vulnerabilities, and mitigate risk. Powerful remediation guidance is offered via detailed vuln data, line-of-code details, and corrective advice.
For Standard and Premium level assessments, we look at the entire technology stack: client, network, and server. Vulnerabilities found in one component (the client, for example) can be used while testing the server, to paint the truest picture of mobile application risk.
HPE Security Fortify on Demand uses a three-tier testing methodology to ensure that your mobile applications are secure. Fortify on Demand brings scale, security testing expertise, and Gartner MQ leading software security technology to you – through the cloud – giving you a complete mobile application security solution that can be managed by you, accessed by development partners and integrated with other Fortify Software Security solutions.
Identifies mobile application security vulnerabilities by leveraging market-leading application security testing technologies and expert security research backed by HPE.
Finds, verifies and prioritizes security vulnerabilities in all three layers and delivers actionable results faster than anyone else in the biz. Deliver your apps on time, every time.
Scales an organization’s security efforts by immediately giving them a global 24x7 testing team to review and validate all scans and a dedicated Technical Account Manager to drive the program.
Develop and enforce a BYOD policy with Fortify’s Mobile Reputation database, which allows integration with existing Mobile Device Management (MDM) and Mobile Application Management (MAM) solutions.
Fortify on Demand mobile ensures a safer, faster go-to-market strategy for mobile application security at all points: development, procurement, and launch.
The earlier vulnerabilities are identified, the less costly they are to remediate. Empower your developers to catch vulnerabilities early in the lifecycle with regular static code analysis using our Basic assessment subscriptions with line-of-code remediation advice.
Most penetration testers know the headaches of testing mobile applications. Before each release, simply upload the binary of your desired application and our expert team will conduct a thorough audit of your application utilizing the OWASP Top 10 (for Standard and Premium assessments) and remove false positives. Detailed and correlated results are then posted to your secure Fortify on Demand tenant dashboard and downloadable report.
For apps procured through a third-party, we can work with your vendor to ensure apps you receive are secure.
iOS, Android, Windows®, Blackberry
Client: automated binary
Client: manual binary
OWASP top 10
Client: source code
Server: Web services (dynamic)
Server: Web services (source code)
False positive removallink
The introduction and use of third-party applications can compromise the security of the enterprise infrastructure. Even mobile applications developed in house have the potential to leak sensitive employee information and company data. By offering an easy way to analyze mobile apps and inform MDM / MAM policies, Fortify gives companies more control over potential threats to their proprietary information.
The Fortify service includes free privacy checks for iOS and Android applications, either company owned or those applications deployed from the App Store. If an app isn’t in our database, the request process is easy – just provide the app information or upload a binary. Star ratings make it simple to create smarter whitelists or blacklists depending on your BYOD policy.
Fortify’s Behavioral Analysis engine is the most complete offering of its type in the industry. The test looks for malicious behaviors and privacy leaks. Example check categories include: use of insecure libraries, accessing or writing private data to insecure logs and directories, and reputation analysis on all traffic endpoints.
Are you a Fortify customer? Request access to the Fortify on Demand portal and reputation database.