I am using fortify on windows and GUI.
I am looking for .WAR files to check, so:
I rename it to .ZIP and extract my files to a directory.
Inside the directory, I have many files. Follow attached my directory and files.
I start the Audit Workbench, choose Advance Scan, set the directory and after, choose the JDK 1.6 and follow
The scan starts and finish.
So, in this scan. Is Fortify scanning for all possible files to be analyzed inside the directory?
I would like to make sure that I am doing the correct analysis and no one file is missing in the scan
Therefore, is possible to scan for all files/extensions (that fortify can do) just with one scanning (in this case talking about the files in the attach)