Air Force to probe code in development

The Air Force has awarded contracts totaling $10.2 million to three providers of application security analysis and testing software. The awards are part of the service's Application Software Assurance Center of Excellence effort to look for and fix security vulnerabilities in its internally written software.

Fortify Software won the biggest piece of the initiative and will provide the Air Force with more than $7 million in software. The Air Force will buy and use three Fortify software packages, each designed to look for a specific class of security vulnerabilities during the software development process when flaws are most likely to occur and are the easiest to fix.

The three Fortify products are its Source Code Analysis software, used early in development to detect and correct security weaknesses in source code; its Defender software, used to analyze Web applications and applications programming interfaces; and its Tracer security testing software that finds hard-to-detect weaknesses in finished or nearly finished software or corroborates results from other security tests.

Other vendors that will participate in the program are IBM's Watchfire subsidiary and Application Security.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected