Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE

Fortify AppSec Solution adds more Automation and Ease of Use

Security_Guest Frequent Contributor.
Frequent Contributor.
0 0 1,301

By Harley Adams, Sr. Product Marketing Manager 

I was in a recent customer meeting where the customer said “it would be nice if our developers could do XYZ”… and the answer was Fortify has a tool that already does that. 17.2_Release.jpgNow Fortify is announcing another batch of features to keep track of! The recurring themes are automation and ease of use. 

The Fortify application security portfolio provides accurate, fast, and automated application security solutions for the software development lifecycle. Some recent new feature releases add to the feature-rich Fortify portfolio to continue to enable DevOps with increased coverage for development, faster scans and easier auditing. 

Here are some highlights from Fortify releases made available in November 2017:

  • Fortify on Demand v 17.4 (Available as of 11/11/2017)
    • Automated bug management provides easier remediation and tracking. Security related issues can be tracked and if closed, automatically synced on Fortify on Demand.
    • SCA + translate-only license enables developers and AppSec professionals to translate and upload their projects easily.
    • Centralized training management allows assigning training to developers on topics where they need improvement and manage the progress.
  • Fortify Static Code Analyzer & Software Security Center v.17.2: (Available as of 11/16/2017)
    • Scala programming language support has been added.
    • High Performance Parallel Mode brings accurate results with much faster scans.
    • Smart View (an audit visualization tool) allows auditors to quickly understand how multiple issues are related from a data flow perspective. This makes auditing and remediation efforts more effective through accurate prioritization. Smart View filters can be applied to begin triaging or fixing issues at the most efficient point.
  • Fortify WebInspect & WebInspect Enterprise v.17.2: (Available as of 11/16/2017)
    • Site Explorer – Standalone Version is an interactive tool to help developers remediate vulnerabilities. Rather than relying on static PDF reports, developers using Site Explorer can drill down to the source of the vulnerability.
    • Incremental scanning via APIs make incremental scanning available for integration with DevOps processes. Developers can initiate incremental scans during development and test to get faster results. 

Here are a few more details of the 17.2 release. Feel free to contact us for more information or pricing on any Fortify product.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.