Case Study: Cox Automotive achieves 90% reduction in code vulnerabilities and faster DevOps testing with Hewlett Packard Enterprise’s HP Fortify on Demand

HP Fortify on Demand Transforms Software Development and Testing

Cox Automotive, a global provider of automotive products and services (including Manheim, AutoTrader.com, and Kelley Blue Book), needed to revamp its software-testing environment and dramatically reduce vulnerabilities across thousands of applications written by more than 7,000 U.S. developers and 24,000 worldwide. To address this, Cox partnered with Hewlett Packard Enterprise and deployed HP Fortify on Demand to introduce iterative DevOps testing and near‑real‑time security feedback for development teams.

Hewlett Packard Enterprise implemented HP Fortify on Demand and accompanying risk/security advisory services, enabling Cox to reduce more than 100,000 code vulnerabilities by about 90% (one application fell from over 10,000 flaws to ~100) and achieve a tenfold vulnerability decrease within 24 months. The automated, cloud-based testing cut costs, removed the need for roughly five full‑time skilled analysts, sped up development cycles with immediate developer feedback, and scaled security coverage from 50% toward a planned enterprise‑wide rollout.

Cox Automotive

Tony Spurlin

Global Chief Information Security Officer