Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Original Question: Micro Focus Fortify Product Announcement: Fortify on Demand 20.3 by Brent_Jenkins
The Fortify on Demand 20.3 update will be released on August 29th, 2020, which contains enhancements to delight developers, enhance CI/CD processes, and enhance reporting capabilities. Here are some highlights to look forward to:
- CI/CD toolchain support for Scan Queuing
- Enhanced Dynamic web service scanning of Postman and OpenAPI files
- Ability to select fields and date range for data exports
- Dynamic scans will report on any hosts identified external to the sub-domain being tested
Full details of the 20.3 release can be found within the documentation section under “What’s New" following the release on August 29th.
CI/CD Integrations
- Scan Queuing for Jenkins, Azure DevOps, and FoDUploader
- Select Build Status for Jenkins
Tenant Usability
- Reject Scan with No Source (Tenant Option, See TAM)
- Tools Page Redesign to highlight all the tools available
- Improved user interface for OpenAPI Web Service and Postman Web Services Scanning
Reporting Enhancements
- Scans and Issues Data Export
- Ability to Select Data Included
- Ability to Select Time Frame
API Enhancements- See API Explorer for more information
- Scan Polling Summary
- /api/v3/releases/{releaseId:int}/scans/{scanId:int}/polling-summary
Scanning Enhancements
SCA Enhancements
- Latest Version of SCA, reducing false positives for C#
Dynamic Scanning Updates
- CrossBow(SecureBase) Rules Update
- Detected hosts identification and comparison