OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
Get AI-ready and transform your data into structured, accessible, optimized information
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Our people are our greatest asset; they are the life of the OpenText brand and values
Learn how we aspire to advance societal goals and accelerate positive change
Find a highly skilled OpenText partner with the right solution to enable digital transformation
Explore scalable and flexible deployment options for global organizations of any size
Local control. Global scale. Trusted AI
Your cloud, your control
Free up resources, optimize performance and rapidly address issues
Run anywhere and scale globally in the public cloud of your choice
See information in new ways
AI that understands your business, your data, and your goals
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
Gain better insights with generative AI for supply chains
Power work with AI content management and an intelligent AI content assistant
Improve your security posture with AI cybersecurity and agile threat detection
Enable faster app delivery, development, and automated software testing
Elevate customer communications and experiences for customer success
Empower users, service agents, and IT staff to find the answers they need
See information in new ways
AI that understands your business, your data, and your goals
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
Gain better insights with generative AI for supply chains
Power work with AI content management and an intelligent AI content assistant
Improve your security posture with AI cybersecurity and agile threat detection
Enable faster app delivery, development, and automated software testing
Elevate customer communications and experiences for customer success
Empower users, service agents, and IT staff to find the answers they need
Predict, act, and win with real-time analytics on a smarter data platform
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Connect once, reach anything with a secure B2B integration platform
Reimagine knowledge with AI-ready content management solutions
Supercharge intelligent workspaces with AI to modernize work
Integrated cybersecurity solutions for enterprise protection
Purpose built data protection and security solutions
Reinvent threat hunting to improve security posture with the power of agile AI
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Reimagine conversations with unforgettable customer experiences
Get the clarity needed to cut the cost and complexity of IT operations
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
Build custom applications using proven OpenText Information Management technology
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Protect what matters, recover when it counts
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Improve efficiency, security, and customer satisfaction with OpenText
Run processes faster and with less risk
Achieve digital transformation with guidance from certified experts
Modernize your information management with certified experts
Unlock the full potential of your information management solution
Turn support into your strategic advantage
Extend IT teams with certified OpenText application experts
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Modernize your information management with certified experts
Unlock the full potential of your information management solution
Turn support into your strategic advantage
Extend IT teams with certified OpenText application experts
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Information is the heartbeat of every organization. We build information management software so you can build the future
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Discover flexible and innovative offerings designed to add value to OpenText solutions
Discover the resources available to support and grow Partner capabilities
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Explore detailed services and consulting presentations, briefs, documentation and other resources
Fortify strengthens cyber resilience in preparation for DORA introduction while reducing code vulnerabilities by 50% and boosting vendor collaboration
Prepare banking client for new financial regulation compliance requirements while simplifying the process of introducing external software.
All financial industry participants already need to comply with many regulatory requirements. Within the European Union (EU), this has recently been expanded to include the Digital Operational Resilience Act (DORA). This promotes Europe-wide convergence on the requirements financial institutions must adopt to raise the security of their digital systems. As part of it, financial entities need to conduct vulnerability assessments before introducing or re-introducing new or existing services. They also are required to test all critical applications and systems at least once a year.
A major credit group needed to integrate appropriate testing tools within its software development cycle to increase the level of resilience of its software solutions and prepare for DORA compliance. The credit group turned to its trusted partner, Join Business Management Consulting. This strategy and management consulting firm is ranked among the fastest-growing companies in Europe by the Financial Times and Il Sole 24 Ore. “We initially carried out a market analysis to identify the solutions that met the client’s requirements, such as the need to introduce static code analysis mechanisms within the application lifecycle,” explains Maurizio Garofalo, Head of the Risk, Compliance and Cybersecurity Practice at Join Business Management Consulting.
We consider the adoption of the ‘security by design’ principle in our software lifecycle management a building block of our cyber resilience strategy. Fortify has proved to be the ideal technology partner for this in terms of depth, breadth, and precision of vulnerability analysis, DevOps integration, and service model flexibility.
Garofalo continues: “We identified Fortify as the best solution for the credit group’s needs. In fact, in addition to the criteria we determined with the client, Fortify outshone other solutions in a number of ways. First of all, we like the superior level of reliability and rich functionality that comes from being an established solution, recognized as market leader by leading analysts: Gartner, Forrester, IDC, and G2. We also appreciated the broad language support and the opportunity to use Fortify both in an on-premises mode for easy inclusion in the development cycle infrastructure, or as a flexible service in the cloud, more suitable for our client’s software partners. These benefits came at a similar cost to that of far less performant solutions.”
Fortify is the inclusive and extendible suite of application security solutions with two decades of experience and continuous improvement. Fortify solutions enable end-to-end application lifecycle management by providing static code testing through its static application security testing (SAST) module, dynamic code testing with its dynamic application security testing (DAST) module, and software composition analysis (SCA) to ensure the security of any open source code components that are used. Using sophisticated artificial intelligence (AI) technology, Fortify allows automated security checks to be performed on code as it is written, suggesting changes required to ensure the code is as robust as possible. “The level of protection provided by Fortify facilitates DevSecOps development models and regulatory compliance in multiple areas, including the financial sector,” comments Garofalo.
The start of the project involved Fortify on Demand, providing application security as a service without the need for additional infrastructure or resources. This is particularly valuable to validate software from external or commercial vendors, often small software companies specializing in banking solutions. The credit group cannot share its source code with external vendors, as it is protected by intellectual property law, nor can it accept code that hasn’t been checked according to its own software development standards. However, leveraging Fortify on Demand, the credit group can offer external vendors access to application testing via a code security scan. This allows the credit group to obtain an independent security certification to ensure that the security of the software conforms with its requirements.
The credit group leverages Fortify’s on-premises solution within its three in-house development factories where pre-defined languages are used. The first factory focuses on the development of home banking applications and its related apps for mobile access. The second factory develops the core applications for the group’s information system that manages communication between its 180 branch offices. The third factory develops the software used to create debit, credit, and pre-paid cards. “The Fortify hybrid deployment model, with on-demand and on-premises capabilities, is central to all software development at the credit group by ensuring that every code component is checked and corrected on the fly before it goes into production,” explains Garofalo.
The introduction of Fortify led to the successful and seamless implementation of 15 business-critical applications, including both developed code and Open Source components. Following the Fortify process, 100 percent of new software releases are secured and certified against the Open Source foundation for application security (OWASP) top 10, as well as sysadmin, audit, network and security (SANS) top 25 standards. The credit group has identified a 50 percent reduction in code vulnerabilities associated with its developers’ higher level of security awareness through the introduction of Fortify and a gamified training program. The credit group’s CISO comments: “We consider the adoption of the ‘security by design’ principle in our software lifecycle management a building block of our cyber resilience strategy. Fortify has proved to be the ideal technology partner for this in terms of depth, breadth, and precision of vulnerability analysis, DevOps integration, and service model flexibility.”
Garofalo concludes: “The credit group is delighted with Fortify’s ability to strengthen application development security, eliminate code vulnerabilities, and comply with DORA regulations. It also leverages the Voltage SecureData Payments by OpenText solution to ensure payment data encryption.
This simplifies PCI compliance and protects clients’ credit card data in e-commerce applications, as well as web and mobile payments. Given the success of both Voltage and Fortify, the credit group is considering integrating the two to provide further value.”
Fortify is central to all software development at the credit
group by ensuring every code component is checked
and corrected on the fly before it goes into production.
A major credit group needed to integrate appropriate testing tools within its software development cycle to increase the level of resilience of its software solutions and prepare for DORA compliance.