HP’s security software as a service gets FedRAMP OK

HP has announced the authorization of HP Fortify on Demand as the first security software-as-a-service to win provisional authorization under the FedRAMP program. The service will allow federal agencies to perform security assessments on application code and web services without the installation and management of additional software.

According to research by HP Enterprise Security Products, software vulnerabilities account for more than 70 percent of agencies’ cyber breaches and grant hackers unrestricted access to an agency’s network and data once exploited.

HP said its Fortify on Demand addresses this concern with continuous monitoring of deployed software across more than 600 vulnerability categories and services, thereby mitigating risk and identifying vulnerabilities within their network.

The service is currently authorized for agency use to perform security assessments across application code, web services testing and end-to-end mobile application testing. Meanwhile static code scanning for major programming languages is performed system-side at the code layer and then reviewed by an HP static auditor. Dynamic website and web services testing combine HP WebInspect and manual penetration testing followed by an HP auditor’s review as well.

 “Organizations can no longer afford to simply respond to breaches as they arise,” said Rob Roy, CTO of HP Enterprise Security Products. Instead, agencies must take a proactive stance in rooting out cyber vulnerabilities and securing software in every stage of its development lifecycle.

About the Author

Jonathan Lutton is an FCW editorial fellow. Connect with him at [email protected]


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected