Archive for ‘SDLC’

Segregation of Duties for HPE Fortify Software Security Center

Are you one of the many users of HPE Fortify with only one instance of Software Security Center (SSC)? Why? In my experience, it’s been much better to maintain a segregation of duties between the scan-upload-fix-rescan SSC instance and the reporting or dashboarding role.

Bridging the gap between On-premises and Cloud-based Application Security Testing

In today’s connected business world, applications know no boundaries, as enterprises conduct business ubiquitously via ‘the Cloud’. At the core of enabling this exponentially growing move are Cloud resource providers, like Amazon’s AWS, HPE’s Helion OpenStack Platform, or Microsoft’s Azure. Working in tandem (no pun intended) with the DevOps movement/systems/technologies and Agile software development teams, […]