Micro Focus Expert
Micro Focus Expert

Update: Micro Focus Fortify on Demand 20.4 Release Postponed

Fortify on Demand will implement Fortify Software Security Content 2020 update 3, which includes updates to static and dynamic rules, on October 24th 2020. Fortify Software Security Content updates utilize Fortify's continued investment in application security research to provide security intelligence that powers the Fortify product portfolio. 

Security Content SR3 Update Details

The 20.4 release will be rescheduled for a later date. Highlights include:

- API rate limit improvements

- Improved scanning logic to better handle technology stack changes

- FoDUploader improvements to support GitLab integration

Full details of the 20.4 release can be found within the documentation under "What's New" following the release on October 24th. 


CI/CD Integrations

- Jenkins pipeline support for in-progress scans

- Added allowPolicyFail parameter to FoDUploader:

          - Exit Code 1 - when a scan fails due to security policy

          - Exit Code 0 - when the scan completes successfully

API Enhancements - See API Explorer for more information

- Added parameter for binary scanning to /api/v3/releases/{releaseId}/static-scans/start-scan-advanced 

- Added parameter for severity to /api/v3/releases/{releaseId}/category-rollups 

- Increased the default rate limit

- Increased the rate limit for the APIs for POST /api/v3/applications

- Increased the rate limit for the APIs for POST /api/v3/releases

Scanning Enhancements

- Enhanced logic to ensure correct scanning arguments are applied when technology stack is changed



Labels (2)
0 Replies
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.