Micro Focus Fortify Product Announcement: Fortify on Demand 20.3


Original Question: Micro Focus Fortify Product Announcement: Fortify on Demand 20.3 by Brent_Jenkins

The Fortify on Demand 20.3 update will be released on August 29th, 2020, which contains enhancements to delight developers, enhance CI/CD processes, and enhance reporting capabilities. Here are some highlights to look forward to:

-  CI/CD toolchain support for Scan Queuing
-  Enhanced Dynamic web service scanning of Postman and OpenAPI files
- Ability to select fields and date range for data exports
- Dynamic scans will report on any hosts identified external to the sub-domain being tested

Full details of the 20.3 release can be found within the documentation section under “What’s New" following the release on August 29th.


CI/CD Integrations

- Scan Queuing for Jenkins, Azure DevOps, and FoDUploader
- Select Build Status for Jenkins

Tenant Usability

- Reject Scan with No Source (Tenant Option, See TAM)
- Tools Page Redesign to highlight all the tools available
- Improved user interface for OpenAPI Web Service and Postman Web Services Scanning

Reporting Enhancements

- Scans and Issues Data Export
      - Ability to Select Data Included
      - Ability to Select Time Frame

API Enhancements- See API Explorer for more information

- Scan Polling Summary
      - /api/v3/releases/{releaseId:int}/scans/{scanId:int}/polling-summary

Scanning Enhancements 

SCA Enhancements
- Latest Version of SCA, reducing false positives for C#

Dynamic Scanning Updates
- CrossBow(SecureBase) Rules Update
- Detected hosts identification and comparison

Comment List