-
We use fortify on demand for static code analysis. I do the uploads manually in the IDE today. Ideally i could stream this in when we do a 'release' build. They have a new integration that could make …
-
The following report just landed in my inbox. It is a security analysis done as part of the HP Fortify project. It outlines a number of (potentially) serious flaws in Kohana 3.3.3.1. I scanned the rep…
-
Hi community,
There is significant interest from a developer point-of-view to get a tool like HP Fortify back into SonarQube. Is there a specific section (just the rule file?) that needs HP assista…
-
Greetings.
I encounter issue when using FODUploader.jar.
FodUploader version : 5.4.0
Command line
`java -jar FodUpload.jar -z package.zip -aurl https://api.trial.fortify.com -purl https://tr…
-
Add reference DevSecOps templates for integrated SAST (and DAST where possible) assessments with the major cloud providers - AWS, Azure, GCP. Coverage should be similar to: https://github.com/fortify…
-
Was wondering if there's any plans to also include Backstage integration? It would be great to have a Backstage plugin similar to the one synk created: https://github.com/snyk-tech-services/backstage-…
-
Fortify on Demand has flagged this [class](https://github.com/microfocus-idol/java-aci-api-ng/blob/master/src/main/java/com/autonomy/aci/client/transport/impl/DeflateContentEncoding.java) containing u…
-
Hello,
Not an issue with this code, but couldn’t see a way to contact you sorry.
I am trying to port how you have done a scan start to PowerShell but not getting far. Would you be able to see wh…
-
Hi there!
Would you be open to including .tsx files in the constants list to be sent with any of the tech stacks using the constants files?
Fortify claims to support scanning tsx (and probably j…
-
I have recently updated from plugin version 4.0.0 to 4.0.1, and I am now getting a null pointer exception in my Jenkins declarative pipeline using the new version of the plugin.
Here is the excepti…