Users have the ability to create Test Assets to run on-demand HP Fortify scans using the Fortify Elastic Test Tool. Scans can also be run against any software assets that contains or stages source code.
How to Run a Fortify Scan
Step 1: Create a Fortify Test Asset
There is a Sample Fortify Scan asset on Github you can use out-of-the-box, or customize. Please see the sample Fortify Asset for instructions on how to use or create your Test Asset.
For special DI2E and Forge integrations, click here
Step 2: Create a Deployment
- Create a Deployment and add the Fortify Test Asset from Step 1. You DO NOT need to add a Scenario to your Fortify Deployment.
Step 3: Launch the Deployment
Step 4: Download Test Results
Sit back and get some work done while you wait for the Run to complete.
Once you receive your email notification, navigate to "Runs" on the Main Nav menu
Select your Run
On the Run page, select the Test Results tab and download the PDF of the test report.
Fix any, vulnerabilities and click Re-Run to re-deploy and get new Fortify Scan results!
The Fortify Test Case requires a user supplied license as part of the test case. In some sites, Fortify Licenses are available to the user community. If you are interested in the availability of Fortify licenses in your site, please contact support via the Contact Us button or alternate support link.