Micro Focus Fortify Provides Security, Vulnerability Detection for Defense Department with Platform One Iron Bank Certification

Former USAF chief software officer cites Fortify's enablement to integrate security scanning into the DevSecOps Application Lifecycle


News | Press Release

McLean, Va., October 12, 2021 – MFGS, Inc. recently announced the Iron Bank approval and inclusion of Micro Focus Fortify in Platform One (P1) as part of the United States Department of Defense Enterprise DevSecOps initiative.

“We are extremely excited that Fortify is approved for use within P1 and greatly appreciate the vision and assistance that former U.S. Air Force chief software officer Nicolas Chaillan and his team provided throughout the process,” said Chuck Boyers, Account Director for USAF, Space Force, and MDA at MFGS, Inc. “We recognize the importance that P1 has in delivering DevSecOps to the DoD, and are proud to be an integral part of providing application security.”

Built by the United States Air Force, Platform One is fully compliant with the DoD Enterprise DevSecOps initiative and contains more than 900 central enterprise containers, including databases, development tools, CI/CD tools, and Cybersecurity tools.

The program is comprised of top talent from across the Air Force using various factories (Kessel Run, Kobayashi Maru, SpaceCAMP, and Unified Platform). The central infrastructure, with automated testing and security baked-in, allows development teams to focus on building mission applications with rapid prototyping and a user feedback process for continuous improvement.

“Micro Focus is a great additional option for Iron Bank,” Chaillan said. “Fortify enables us to integrate security scanning right into the development cycle so that any issues are found early and are fixed as part of the development testing cycles.”

Iron Bank is the DoD’s repository of digitally signed, binary container images including both Free and Open-Source software (FOSS) and Commercial off-the-shelf (COTS). Containers accredited in Iron Bank have DoD-wide reciprocity across classifications.

“With pre-approved, containerized, supported products like Fortify SAST and SSC, P1 maintains the Iron Bank centralized repository of capabilities that can be quickly, easily and securely downloaded and deployed,” said John Farrell, Senior Specialist at MFGS, Inc. “This eliminates hours of work for hundreds of development teams and saves time, money and frustration for end users.”

In addition to Iron Bank, Micro Focus Fortify is integrated into the Platform One’s Party Bus offering with Micro Focus’ latest Fortify Concurrent Sensor licensed product, providing scans to customers using its cloud based development tools. Customers are able to find vulnerabilities in their custom built code earlier in the development lifecycle, fix issues before testing and deployment, and reduce overall risk to their enterprise.

In a recent U.S. Air Force case study, Micro Focus Fortify was able to provide time and cost savings through accelerated application delivery, continuous code monitoring and scanning to reduce attack surfaces, and prevent lateral movement by leveraging Zero Trust.

A proven software vulnerability analysis system, Micro Focus Fortify has been deployed successfully by more than 500 Defense Department and Air Force commands, groups, and contractors for more than eight years. During this time, Fortify has been used to scan hundreds of millions of lines of code, and identified millions of potential vulnerabilities across thousands of applications.

 

About MFGS, Inc.
MFGS, Inc. is a Master Supplier of Micro Focus’ best-in-class portfolio of enterprise-grade scalable software solutions to the U.S. Government, its partners, and system integrators. We are an independent, 100% U.S.-based, employed, and owned company. MFGS, Inc. is customer-centric, government compliant, and purpose built to fulfill, support and deliver Micro Focus government solutions to the U.S. Federal Government.