Beruflich Dokumente
Kultur Dokumente
Industry
Public sector
Objective
Identify and eliminate vulnerabilities in the
munitions management software application in
order to ensure training superiority and achieve
readiness objectives
Approach
Use HP Fortify software to help prevent attacks
to the TAMIS system by accurately measuring
the security risk level and fixing application
vulnerabilities
IT matters
Identified the TAMIS applications risk profile
Reduced risk for the TAMIS project, within its
funding and resource level
Business matters
Effected a cultural shift in the TAMIS development
process
Established a development lifecycle approach to
software security
Enhanced the U.S. Armys security posture with a
higher level of confidence
used to maintain the rules pack, scan prerelease code during QA, and generate reports.
HP Fortify engineers assisted with the
installation process to tune the product for
the TAMIS environment. TAMIS also engaged
HP Fortifys support services to help review
initial scan results with its developers, as the
team needed some help prioritizing initial
findings to isolate the most serious threats.
The team found tuning Fortify Security
Center for the individual application was a bit
time-consuming, but essential to its success.
Finally, HP Fortify also completed two days
of in-depth product training with 10 TAMIS
developers.
About HP Enterprise
Security:
HP is a leading provider of security and
compliance solutions for modern enterprises
that want to mitigate risk in their hybrid
environments and defend against advanced
threats. Based on market leading products
from ArcSight, Fortify, and TippingPoint, the
HP Security Intelligence and Risk Management
(SIRM) Platform uniquely delivers the
advanced correlation, application protection,
and network defense technology to protect
todays applications and IT infrastructures
from sophisticated cyber threats. Visit HP
Enterprise Security at:
hpenterprisesecurity.com.
Customer at a glance:
Applications
Web-based ammunition management system
Software
HP Fortify Software Security Center
HP Fortify Static Code Analyzer
HP Services
Installation, implementation, and tuning services
Review of initial scan results
In-depth product training
2011, 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties
for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be
construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
4AA3-6919ENW, October 2013, Rev. 1