Fortify Scans

About

Users have the ability to create Test Assets to run on-demand HP Fortify scans using the Fortify Elastic Test Tool. Scans can also be run against any software assets that contains or stages source code.

How to Run a Fortify Scan


Step 1: Create a Fortify Test Asset

There is a Sample Fortify Scan asset on Github you can use out-of-the-box, or customize. Please see the sample Fortify Asset for instructions on how to use or create your Test Asset.

For special DI2E and Forge integrations, click here


Step 2: Create a Deployment

  • Create a Deployment and add the Fortify Test Asset from Step 1. You DO NOT need to add a Scenario to your Fortify Deployment.

Step 3: Launch the Deployment


Step 4: Download Test Results

  • Sit back and get some work done while you wait for the Run to complete.

  • Once you receive your email notification, navigate to "Runs" on the Main Nav menu

  • Select your Run

  • On the Run page, select the Test Results tab and download the PDF of the test report.

  • Fix any, vulnerabilities and click Re-Run to re-deploy and get new Fortify Scan results!

Fortify Licenses

The Fortify Test Case requires a user supplied license as part of the test case. In some sites, Fortify Licenses are available to the user community. If you are interested in the availability of Fortify licenses in your site, please contact support via the Contact Us button or alternate support link.