If someone used Fortify SCA to scan COBOL code, please give me your contact number..need help....
- We are planning to implement Fortify for COBOL code in my application.
- If someone has experienced and implemented already,we lookforward to get some help from them.
Hi, first of all, check whether your COBOL version is supported by the SCA. In my documentation from 17.10 stands: IBM Enterprise COBOL for z/OS 3.4.1 with CICS, IMS, DB2 embedded SQL,and IBM MQ I've tried only scanning other version of COBOL compiled by the Fujitsu compiler. Although after several modifications with the COBOl developers, I managed to translate the code with the SCA, the analysis part did not find any errors, not even the dangerous functions or input. So I assume that only the IBM COBOL can be analysed. In the SCA user guide, you will find the instructions on how to translate and analyse the COBOL code. Regards, Stanislav