How to create a custom dashboard for Fortify SCA?
I'm a user of both Fortify on Demand and Fortify SCA, and i'm looking into creating a custom dashboard for executives outside of what the tools offer out of the box. Does anyone have any experience connecting BI tools such as PowerBI to the database and generating dashboards? Example dashboards i'm trying to create are
- Enterprise/Application trend by severity over 1 year
- % of issues fixed from a set date
- OWASP Top 10 trend
- Developer triage trend
- Top fixed categories this week.
Do you have SSC? Because it has a good API REST to download data without going directly to the database. I used powershell to connect to MySQL and get some data also but I think it is more reliable to use the API.
Then you have to play a little with the API to understand filters and groups to get the information you want. For example OWASP or CWE classification are external lists and the way I use is grouping information with the exact IDs of these lists.
Hope this helps.