Oracle announced that it will integrate Fortify Software's security analysis tools into its software development process. Fortify Software's tools scan source code to find potential security problems, test software for various vulnerabilities such as buffer overflows and SQL injection attacks, and help manage the security aspects of project development.
Fortify and Oracle worked together to enhance Fortify's solutions so that they could
accommodate Oracle's large code base, which consists of tens of millions of lines. The use of Fortify's solutions could reduce the number of patches released in the long run.
“Security is an evolving process for vendors and customers. Over the years we have modified our security development processes to meet the changing security environment,” said Oracle Chief Security Officer, Mary Ann Davidson. “Our work with Fortify is just one aspect of how Oracle is continuously working to strengthen its secure development lifecycle.”