Fortify on Demand is constantly on the move and while many of you are preparing for the holidays, the team here is still hard at work releasing new features and providing improved scanning for both dynamic and static application security testing.
Recently Fortify on Demand released an update that provides 5 new features and integrations that our customers will be sure to love.
1. WebInspect 19.2.0 update:
The 19.2.0 WebInspect release emphasizes powerful new API scanning capabilities, improved integrations with an organization’s ecosystem, and improvements to the user experience.
Fortify WebInspect 19.2.0 Key Highlights
- Simplified API Scanning: Simplified API scanning using the OpenAPI (Swagger) API description format is now supported. Look for the API Scan option in the Basic Scan Wizard, or leverage the WebInspect API, CLI, or even container driven scanning to take advantage of this new feature. Watch Demo!
- Advanced API Scanning: Postman support has been added. WebInspect can now directly run your Postman collections for more advanced API scanning scenarios where unique workflows, complicated authentication, or specific parameter values are required. Watch Demo!
- Response State Patterns: WebInspect can now handle complex scenarios where an application requires passing data from a response into a subsequent request. To build response state rules, go to Scan Settings > HTTP Parsing. Watch Demo!
- Selenium WebDriver Integration: WebInspect now supports a direct integration with Selenium WebDriver. This integration allows leveraging existing Selenium assets to drive dynamic scanning via either WebInspect’s CLI or API.
- Macro Auto-Gen & Validation: We’ve updated the engines used by both our Macro Auto-gen, and our Macro Validation technologies. Customers should see more accuracy as we continue to invest in these important features.
- Usability Improvements: You will notice some minor changes to our Advanced Settings options as we continue to simplify WebInspect and improve the user experience.
2. Jenkins v5.0 security update
Important security update to ensure passwords are stored securely.
3. FoDUploader 4.0 update
This features updates to allow scan handling, improved error messaging, and scan origin tracking.
4. Container scanning functional updates.
5. Highly anticipated language support:
- SCA update that now supports the Go programming language.
- Sonatype update, that now supports Go for open source components.
These recent updates, plus many more, continue to show why Micro Focus Fortify on Demand is leading the way for Application Security as a Service. To learn more about Fortify on Demand and how it can assist your organization with getting started, scaling or optimizing your AppSec programs, be sure to check out some of our latest videos on the Fortify Unplugged YouTube Channel.