By Harley Adams, Sr. Product Marketing Manager
I was in a recent customer meeting where the customer said “it would be nice if our developers could do XYZ”… and the answer was Fortify has a tool that already does that. Now Fortify is announcing another batch of features to keep track of! The recurring themes are automation and ease of use.
The Fortify application security portfolio provides accurate, fast, and automated application security solutions for the software development lifecycle. Some recent new feature releases add to the feature-rich Fortify portfolio to continue to enable DevOps with increased coverage for development, faster scans and easier auditing.
Here are some highlights from Fortify releases made available in November 2017:
- Fortify on Demand v 17.4 (Available as of 11/11/2017)
- Automated bug management provides easier remediation and tracking. Security related issues can be tracked and if closed, automatically synced on Fortify on Demand.
- SCA + translate-only license enables developers and AppSec professionals to translate and upload their projects easily.
- Centralized training management allows assigning training to developers on topics where they need improvement and manage the progress.
- Fortify Static Code Analyzer & Software Security Center v.17.2: (Available as of 11/16/2017)
- Scala programming language support has been added.
- High Performance Parallel Mode brings accurate results with much faster scans.
- Smart View (an audit visualization tool) allows auditors to quickly understand how multiple issues are related from a data flow perspective. This makes auditing and remediation efforts more effective through accurate prioritization. Smart View filters can be applied to begin triaging or fixing issues at the most efficient point.
- Fortify WebInspect & WebInspect Enterprise v.17.2: (Available as of 11/16/2017)
- Site Explorer – Standalone Version is an interactive tool to help developers remediate vulnerabilities. Rather than relying on static PDF reports, developers using Site Explorer can drill down to the source of the vulnerability.
- Incremental scanning via APIs make incremental scanning available for integration with DevOps processes. Developers can initiate incremental scans during development and test to get faster results.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.