Fortify Local Scan

JayDev · ‎04-23-2018

Hi team ,

We are using Fortify Static code analyzer version 17.2.0.Our Project is too huge and full scan takes 8 Hours of time We are trying to find some alternatives to scan the files Incremenatlly(Scan only the changed Files instead of Whole Project)

We wrote a plugin incorporating the Source Analyzer Command as Below

sourceanalyzer -b !BuildId! -source 1.6 -verbose -cp "!codeDirectory!/CODE/LIB/*.jar !codeDirectory!/CODE/ModuleLIB/*.jar" !modifiedFileList!

Where modifiedFileList is the list of FIles which we changed

The Problem is

1)The scan is listing only few Issues like Password Hard coded/Key hardcoded

2)The scan is not finding all the Issue category(Like XSS Related Issues)

Please help us on this.Can we use local scan to find out all the issues on incremental Scan itself.

Regards,

Jay.

Parvez_Admin · ‎04-23-2018

Hi,

Fortiy and HPE software is now part of the new company, Micro Focus. So you will need to repost your question to the new Micro Focus Community at https://community.softwaregrp.com/

Or,

https://community.softwaregrp.com/t5/Fortify/ct-p/fortify

Thanks,
Parvez_Admin
I work for HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Fortify Local Scan

Fortify Local Scan

Re: Fortify Local Scan