SAN FRANCISCO -- Fortify Software Inc., a leading provider of security products that help companies identify, manage and remediate software vulnerabilities to mitigate enterprise security risk, today announced that Fortify has joined the FindBugs project as a sponsor, and is helping to expand the functionality of the open source tool, which has had over 200,000 downloads.
FindBugs, originally developed by William Pugh, professor at the University of Maryland, Packard Fellow, and a member of Fortify's Technical Advisory Board, is an open source software tool which looks for bugs in Java programs and detects common coding mistakes. The software is based on the concept of bug patterns, and shows potential problems to programmers as they code.
In addition to its sponsorship, Fortify also announced FindBugs' integration with its award-winning Fortify Source Code Analysis product. Developers can run FindBugs in conjunction with Fortify Source Code Analysis, and can then load and view the results from various Fortify tools such as Fortify Audit Workbench and Fortify Software Security Manager, giving developers a central view of all results.
"Bugs are a fact of life. I try as hard as I can to write bug-free code, but still the bugs creep in," said Josh Bloch, Chief Java technology architect at Google. "Since you can't avoid introducing bugs, it's critical to find and exterminate them. FindBugs is the easiest, most effective way I know to find the bugs that lurk in my code."