Scan C# and C/C++ Files
How do I scan C# and C++ files within the Fortify Workbench without going through a MS Visual Studio Solution (sln) file. That is the only way I can find to do it through the documentation. When I launch an advanced scan on a directory with these types of files in them they don't show in the directory tree. It's as if Fortify can't see .cs or .cpp files. Did I miss a step in configuring Fortify or is there another way to get these files scanned? It works fine with Java but most of my projects are in C# or C++ and I was under the impression Fortify could scan thoes as well.
As C++ requires a compiler and build system such as make, you'll need to enter additional commands.
ALso, keep in mind that you'll need to have VS or MSBuild installed to build VS projects.
I'm pretty new to Fortify SCA, but my understanding is that to do a directory based scan on a .NET App it needs to first be compiled. For ASP.NET Apps this means that ASPX must also be compiled.
We are currently building our solutions one a build server and then moving the output to a SCA Machine with VS2008-2012 installed for the scanning process.
knowing it should work is good...a pointer to where in docs on how to configure for the compile would be better....
Thanks and wish all luck as the search continues
I'm struggling to scan C++ code using HP Fortify SCA.
Can anybody help me in understanding the prerequisites for scanning C++ files?
Is it possible to scan it through Audit Workbench or Scan Wizard?
Does it require a build before scanning.
Any help would be highly appreciated
There no particular link for the solution.I connected with support team and they send the installer for linux environment, which was used in a linux box to scan the files.
In windows machine you can try and import the files in Visual Studio and then scan using HP Fortify's visual studio plugin which comes with the package.