search

denimgroup / threadfix

ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-date information.
340 stars 127 forks source link

Add Fortify SSC support as a Remote Provider #424

Closed macacollins closed 7 years ago

macacollins commented 10 years ago

We should be able to connect to Fortify SSC and pull scans. This would make integration much easier for large organizations that use SSC.

I anticipate that we can use our existing parsers, but we might need to update our data models to record scanning tool and channel type.

Dan Hall is trying to get us an internal instance to connect to, but in the meantime let's start looking at their API.

This should be developed as a plugin.

SscDocumentation.zip (file://SATMOBILE117/Users/rhernandez/Drop/SscDocumentation.zip)

Ruben-E commented 7 years ago

It's been a while. Although, any updates on this?

kylepippin commented 7 years ago

Your timing is incredible, Ruben! ThreadFix Enterprise 2.5 is about to head out the door first thing next week. About 1 to 2 weeks after that, we'll be providing the SSC RemoteProvider plugin to our customers!

Check out our website for other exciting updates at https://www.threadfix.it