Fortify Flashcards

1
Q

Give the elevator pitch for Fortify.

A

Fortify is a suite of tightly integrated solutions for identifying, prioritising, and helping with the process of fixing security vulnerabilities in software.

2
Q

Give the elevator pitch for Fortify on Demand.

A

~ helps resolve software vulnerabilities using the only solution that fully integrates vulnerability analysis across the entire software lifecycle - from development to QA testing to deployed applications.
~ offers end-to-end application security, delivered as a service.

3
Q

What are the 3 key value props of FoD?

A
#1 Secure Development: Finding and fixing application security issues early, during development, is far less costly than waiting until after an app has been deployed, so empowering developers to create secure software from inception is critical.
#2 Security Testing: A dynamic or mobile assessment of the running app in a QA, test, staging or production environment simulates the real-world hacking techniques and attacks employed by the bad guys.
#3 Production Monitoring: FoD provides all production application monitoring activities in a single, integrated place.
4
Q

What are the personas to sell FoD to?

A

CISO, AppSec Manager, and QA

5
Q

What is the CISO’s role in the FoD buying process and what are they responsible for?

A

Buyer/decision maker/budget owner. Responsible for protecting business and brand through overall risk management.

6
Q

What is the AppSec Manager’s role in the FoD buying process and what are they responsible for?

A

Evaluator/project owner. Makes sure all teams are aligned and manages the AppSec program. Determines how to integrate security testing and automate tool chains.

7
Q

What is the QA’s role in the FoD buying process and what are they responsible for?

A

Influencer. Application testing/user.

8
Q

What does the CISO care about regarding AppSec testing?

A

Securing intellectual property, sensitive data, and adhering to compliance.

9
Q

What does the AppSec Manager care about regarding AppSec testing?

A

Ensuring apps are secure before releasing into production.

10
Q

What does the QA care about regarding AppSec testing?

A

Tools' ease of use and integration into the SDLC.

11
Q

What topics should you discuss with the CISO regarding using FoD for AppSec testing?

A

Fortify’s time to value/ROI

12
Q

What topics should you discuss with the AppSec Manager regarding using FoD for AppSec testing?

A

Testing speed, accuracy of results, line of code detail, remediation recommendations, ease of use, and integration capabilities.

13
Q

What topics should you discuss with the QA regarding using FoD for AppSec testing?

A

Line of code detail, remediation recommendations, and integration into developers' native environment while meeting release deadlines.
