Fortify Software "welcomes" IBM's diversification

I was highly amused to read how Fortify Software - the application vulnerability guys in the US - are viewing IBM's late entry into the static IT security analysis marketplace "as a limited step in the right direction."

"Competition is always good for the industry, but it's the customer that makes the final decision as to which product or service they source," said Barmak Meftah, Fortify's senior vice president of products and technology.

Against this backdrop, Meftah says that his firm's static analyzer covers 17 programming languages - whilst IBM's addresses a lot fewer.

"In addition, our analyzer can discover more than 315 types of vulnerabilities, whereas IBM uncovers far fewer," he added.

According to Meftah, for IT security experts whose job - particularly in these economically challenging times - depends on ensuring that ALL vulnerabilities are revealed, IBM's offering might keep some of the hackers out.

But not all of them.

"And the ones that get through will probably be the ones that have architected the most complex attack vectors," he noted.

Hmm - sounds like Fortify is less than impressed with IBM. I wonder how IBM feel about Fortify's comments?

As the late - and great - comedian Frankie Howerd used to say in his stage act: oo-er missus!...