Micro Focus (LSE: MCRO; NYSE: MFGP) announced on June 10 that Fortify on Demand has migrated its application security testing services to AWS GovCloud, furthering the ability to offer enhanced testing, vulnerability management, and support to critical federal agencies. Fortify on Demand remains the first and only application security managed service vendor that is authorized by the Federal Risk and Authorization Management Program (FedRAMP) to offer government agencies seamless application security testing while adhering to internal risk management policies.
“Since 2015, Fortify on Demand has been the only authorized FedRAMP AppSec solution in the market,” said Scott Johnson, General Manager for Micro Focus Fortify. “Micro Focus’ Fortify on Demand has earned the trust of federal agencies for its enhanced capabilities and features that offer testing, vulnerability management, expertise, and support. The migration to AWS GovCloud will provide these critical government organizations with the ability to accelerate their AppSec programs with the fastest, most accurate results available.”
With the migration to AWS GovCloud, Fortify on Demand now offers secure services such as static, dynamic, and mobile application testing as a service to the nation’s critical agencies, including the Department of Defense, the Department of Homeland Security, the Department of State, the Federal Aviation Administration, the United States Army, and the United States Air Force. Essential benefits by Fortify on Demand include:
- The ability to adhere to International Traffic in Arms Regulations (ITAR), the FedRAMP requirements, Defense Federal Acquisition Regulation Supplement (DFARS), DoD (SRG) Impact Levels 2, 4, and 5, FIPS 140-2, IRS-1075, and other compliance regimes.
- The ability to protect sensitive unclassified data files with server-side encryption in Amazon S3.
- The ability to strengthen identity management controls by limiting access to sensitive data by individual, time, and location.
Additionally, Fortify on Demand on AWS GovCloud is the first and only cloud-accessible managed application security testing platform that is Joint Authorized Board (JAB) certified and FedRAMP authorized. This means government agencies can perform application security testing easily and confidently while adhering to internal risk management policies. This allows for the following key benefits:
- Enables government programs, security organizations, and application development teams to extend and scale their Software Security Assurance Programs quickly and efficiently.
- Combines the most advanced, comprehensive application testing methodologies with manual expert review.
- A centralized portal provides intuitive, user-friendly and comprehensive application dashboards, vulnerabilities, and work streams for a single application or across your entire portfolio.
- Integration of on-premises and cloud-based application security testing and program management solutions, specifically for U.S. government agencies.
- The ability for State, Local and Education (SLED) entities to utilize Fortify on Demand services within the FedRAMP environment.
Please contact Account Manager Michael Tabor at Michael.firstname.lastname@example.org for more information.