Security by Design is a proactive approach to the ever-changing threat landscape – learn more at the inaugural OpenText Security Summit 2024. February 6
WATERLOO, ON, February 5, 2024 /CNW/ — OpenText™ (NASDAQ: OTEX ), (TSX: OTEX ), today announced the second generation of its advanced cybersecurity auditing technology will debut at the inaugural OpenText Security Summit 2024. February 6. Today’s developers face more complexities and threats in multi-cloud environments. Security teams are feeling increasing pressure to address application security with more sophisticated tools and practices. Fortify Audit Assistant is OpenText’s solution for building security at the very beginning of the software development lifecycle—at the beginning of the code—and building robust, secure, and reliable software systems.
Fortify Audit Assistant raises the bar for accuracy and performance, increasing developer efficiency by reducing noise and false positives. In doing so, security teams can focus on the vulnerabilities that matter most. Triage and validation of raw static analysis results is one of the most time-intensive manual processes within application security testing. Companies cannot afford to hire a team of software, computer science and software vulnerability testing experts. Fortify Audit Assistant was created to automate security and solve these problems by using machine learning to learn from Fortify’s human auditors.
“The first generation Fortify Audit Assistant was way ahead of its time with its use of predictive analytics and machine learning,” he said Prentiss Donohue, Executive Vice President of Cyber Security. “These pioneering efforts paved the way for us to take 10 years of data from human experts and turn it into predictive models that are significantly more accurate compared to previous generation models, improving audit efficiency by reducing false positives by up to 90%. Businesses can now take advantage of this depth of information—something no one else in the industry can provide—within their own software assurance programs.”
Major updates to the next generation of Fortify Audit Assistant include:
- Account for model displacement. The new Audit Assistant models take a proactive approach to the ever-changing threat landscape by automating processes that measure and report on how the models are performing and refresh them as needed to respond to any movement in the model. Updated models will be delivered every quarter.
- Flexibility to learn from the company’s unique environment. The next generation of Audit Assistant addresses the unique data privacy needs of every company. In the first generation, one model was used for SaaS and on-prem environments. The new Audit Assistant on-prem pipeline model is designed to learn the unique behavior of company projects. This learning gets better and better over time as more vulnerabilities are audited, the models continually learn what is appropriate for the company’s project—all while remaining IP sensitive.
- Expansive model expertise through language specification. No single model can effectively cover every programming language. To provide greater vulnerability insight and expertise in on-prem and cloud environments, the next-generation Fortify Audit Assistant now includes more than 30 language-specific models. Having one model for C++, another model for JavaScript, etc. greatly improves model performance by allowing the “team of experts” (aka models) to go narrower and deeper thus increasing the likelihood of finding real vulnerabilities in the software.
- Additional data and context. Fortify Audit Assistant scans and identifies true positives or false positives among millions of lines of code. Sometimes the result of a scan is a vulnerability, but it may not be exploitable because the code in question is test code and not code that is being deployed. In this next generation, Fortify Audit Assistant takes the nuances of scan results into account. This significantly improves the speed and efficiency of audits.
For a complete list of new features and functionality in the next generation of Fortify Audit Assistant, please visit this whitepaper and blog.
OpenText Security Summit attendees will be shown a demo of Fortify Audit Assistant; a demo will also be available for playback. Additional demos at the summit include Voltage Fusion + Content Services, a unique integration that addresses the challenges of managing sensitive data, and NetIQ Identity Manager in OpenText Private Cloud, a compliance offering that spans hybrid environments.
About Cyber Security OpenText
OpenText Cybersecurity provides comprehensive security solutions for companies and partners of all sizes. From prevention, detection and response to recovery, investigation and compliance, our unified/end-to-end platform helps customers build cyber resilience through a holistic security portfolio. By driving actionable insights from our real-time and contextual threat intelligence, OpenText Cybersecurity customers benefit from highly effective products, a consistent experience and simplified security to help manage enterprise risk.
About OpenText
OpenText, The Information Company™, enables organizations to gain insight through market-leading information management solutions, powered by OpenText Cloud Editions. For more information about OpenText (NASDAQ: OTEX , TSX: OTEX) visit opentext.com.
Connect with us:
CEO of OpenText Mark Barreneche blog
Twitter | LinkedIn
Certain statements in this press release may contain words that are considered forward-looking statements or information under applicable securities laws. These statements are based on OpenText’s current expectations, estimates, forecasts and projections about the operating environment, economies and markets in which the company operates. These statements are subject to important assumptions, risks and uncertainties that are difficult to predict, and the actual outcome may differ materially. OpenText’s assumptions, although believed to be reasonable by the company as of the date of this press release, may prove to be incorrect and, consequently, actual results could differ materially from the expectations set forth herein. For additional information regarding risks and other factors that may arise, please refer to OpenText’s Annual Report on Form 10-K, Quarterly Reports on Form 10-Q and other securities filings with the SEC and other securities regulators. Except as otherwise required by applicable securities laws, OpenText disclaims any intention or obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise.
Copyright © 2024 OpenText. All rights reserved. Trademarks owned by OpenText. One or more patents may cover this product(s). For more information, visit https://www.opentext.com/patents. The mentioned third party products are owned by the respective third parties and/or their affiliates.
OTEX-G
SOURCE Open Text Corporation
For additional information: Julie Dearing, OpenText Cybersecurity, [email protected]