Case Study: Vital Images achieves DIACAP compliance and U.S. DoD market access with Hewlett Packard Enterprise

Vital Images completes DIACAP package with Fortify SCA

Vital Images, a medical imaging software company, needed to meet the DoD’s DIACAP information-assurance requirements to sell into Army and Air Force healthcare facilities. To satisfy the mandate for formal software security assurance, Vital implemented Micro Focus Fortify Static Code Analyzer (Fortify SCA) to scan its complex C++ code base and ran the analyses on Hewlett Packard Enterprise hardware (HPE GL380p G8 server).

Using Fortify SCA in weekly centralized scans and ad‑hoc developer scans, and accelerating processing on a Hewlett Packard Enterprise GL380p G8 server (dual Xeon processors, 128 GB RAM), Vital reduced full-scan times by up to 66% with Fortify v4.x and saw a steady downward trend in reported vulnerabilities. The Fortify solution, supported by HPE hardware, helped Vital progress through DIACAP toward an Authority to Operate, improved product security, and enabled the company to pursue DoD contracts.

Vital Images

Tim Dawson

Senior Director