Fortify

Video: Reducing the noise using Fortify (2020)

COEST

0 Likes

over 2 years ago

In AppSec, security scan noise is an issue that slows down fast software development. Noise is all output that is considered irrelevant or not worth acting upon by users. If there is too much noise, this can have detrimental effects on the success of implementation:

- For security auditors, they can be swamped auditing results

- If this noise ends up with developers’ directly, they may lose confidence in the tool

There are a subset of scan findings where the Fortify static scan tool worked as intended; however, the issue is considered irrelevant due to the context, risk appetite, etc.

YouTube link: https://www.youtube.com/watch?v=6CjUVA3I_rk

Tags:

appsec

videos

Fortify

Static Scan

Labels:

Videos

Comment List

Recommended

Resources

Support

Documentation

Learning Services

CyberRes Academy

Partner Programs

Compliance

Help

Company

Accessibility
Anti-Slavery Statement

Support
Contact Us

Careers
Code of Conduct

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.

Menu

Fortify

Video: Reducing the noise using Fortify (2020)

Tags:

Labels:

Resources