Fortify

Company type	Software Vendor
Industry	Computer software
Genre	Software Security Assurance
Founded	2003
Founder	Ted Schlein ofKleiner, Perkins, Caufield & Byers, Mike Armistead, Brian Chess, Arthur Do, Roger Thornton
Headquarters	San Mateo, California , United States
Key people	John M. Jack(formerCEO), Jacob West(head of Security Research Group), Brian Chess(former Chief Scientist), Arthur Do(former Chief Architect)
Owner	OpenText
Website	OpenText OpenText Cybersecurity Cloud

Fortify Software, later known asFortify Inc., is aCalifornia-based software security vendor, founded in 2003 and acquired byHewlett-Packard in 2010,^[1][2][3]Micro Focus in 2017, andOpenText in 2023.

Fortify offerings includedstatic application security testing^[4] anddynamic application security testing^[5] products, as well as products and services that supportsoftware security assurance. In 2011, Fortify introducedFortify OnDemand, a static and dynamic application testing service.^[6]

Fortify Software was founded byKleiner Perkins in 2003. Fortify Inc. was acquired by HP in 2010.^[7]

On September 7, 2016, HPE CEOMeg Whitman announced that the software assets of Hewlett Packard Enterprise, including Fortify, would be merged withMicro Focus to create an independent company of which HP Enterprise shareholders would retain majority ownership.^{[citation needed]}

Micro Focus CEO Kevin Loosemore called the transaction "entirely consistent with our established acquisition strategy and our focus on efficient management of mature infrastructure products" and indicated that Micro Focus intended to "bring the core earnings margin for the mature assets in the deal - about 80 percent of the total - from 21 percent today to Micro Focus's existing 46 percent level within three years."^[8]

OpenText acquired Micro Focus (including Fortify Software products) in 2023.^[9]

Fortify created a security research group that maintained the Java Open Review project^[10] and the Vulncat taxonomy of security vulnerabilities in addition to the security rules for Fortify's analysis software.^[11] Members of the group wrote the bookSecure Coding with Static Analysis, and published research, includingJavaScript Hijacking,^[12]Attacking the build: Cross build Injection,^[13]Watch what you write: Preventing Cross-site scripting by observing program output,^[14] andDynamic taint propagation: Finding vulnerabilities without attacking.^[15]

• List of tools for static code analysis

• Official website
• Joy, Bill (September 26, 2006)."Software Isn't Complete Unless It's Secure".BusinessWeek. RetrievedDecember 17, 2018.

• OpenText
• 2003 establishments in California
• Database security
• Hewlett-Packard acquisitions
• American companies established in 2003
• Software companies established in 2003
• Static program analysis tools
• Software companies based in the San Francisco Bay Area
• Companies based in San Mateo, California
• 2010 mergers and acquisitions
• 2017 mergers and acquisitions
• Micro Focus International
• American subsidiaries of foreign companies
• Defunct software companies of the United States

• Articles with short description
• Short description matches Wikidata
• All articles with unsourced statements
• Articles with unsourced statements from August 2020