Wipro and Fortify Software Form Partnership to Assure the Security of Client Software Worldwide

By Fortify Software

Wipro Technologies, the global IT services business of Wipro Limited (NYSE:WIT) and Fortify Software Inc., the market leader in enterprise application security solutions for Business Software Assurance, announced today the launch of the industry’s first joint center to assess and assure the security of client applications.

The new Wipro Software Assurance Center (SAC) uses industry-leading Fortify 360 technology and will operate from Wipro’s India and regional facilities in the US and EMEA, delivering software assurance capabilities to thousands of global clients via managed (SaaS) or on-demand models.

“A changing vulnerability and threat landscape, as well as continuing compliance-related requirements, are driving an expansion of vulnerability management programs into the application space,” states Vinod Muniyappa, Practice Head, Application Security.

“Traditionally, organizations have focused their vulnerability management efforts on desktops, servers and network devices, reacting to critical vulnerabilities through patch management programs. But this changing landscape is requiring companies to expand their vulnerability management activities to include large-enterprise applications, databases, externally facing Web applications and internally developed applications. Wipro’s Software Assurance Center (SAC) allows organizations to proactively detect and mitigate the risk from various threat sources, applying Fortify’s industry-leading technology.”

According to NIST (National Institute for Standards & Technology), 92% of network security vulnerabilities are found in software applications. At the same time, enterprise outsourcing of application development is becoming increasingly widespread - a survey by research firm Quocirca this April found that 90 percent of companies surveyed outsource almost half of their code development. Recent, highly publicized data breaches at companies such as TS Ameritrade and Hannaford Brothers also illustrate the need to ensure the security of any software application that might contain exploitable vulnerabilities.

“Enterprises need a cost-effective, scalable way to assess the business risk posed by insecure applications and remediate those vulnerabilities, whether those applications are developed within their organization, or by an outsourcing relationship with a trusted provider,” said John M. Jack, CEO, Fortify Software. “Wipro has the resources, skills and customer base to complement Fortify’s market-leading technology and deliver a service to meet those needs.”

The Wipro SAC offers clients a service that provides visibility into the risks posed by vulnerable software and assesses applications using world-class Fortify technology and skilled personnel to provide a measure of the application’s security health – the Software Assurance Score™. The Wipro SAC can also validate an application’s compliance to key regulations such as PCI, GLBA and HIPAA.
“Application development and IT security have been outsourced for years, and now organizations are also beginning to outsource for application security,” notes Diana Kelley, principal analyst, SecurityCurve. “With application attacks on the rise, software security is something every organization must address.”

“Fortify is the clear leader of the application security testing market, providing the most comprehensive assessment and remediation technology available,” added Vinod Muniyappa. “This partnership is strategic for both of companies, allowing Wipro to offer the industry’s first joint center for software assurance to our clients, and providing Fortify with a solution for software development serving the world’s largest enterprises.”

“Wipro’s Enterprise Security Solutions is a global leader in providing IT services and technologies to help large organizations address a broad range of information security issues,” added Jack. “This partnership marks a major milestone for Fortify as we continue to build out our framework for Business Software Assurance and help companies address enterprise risk at the application level.”