1
您现在的位置:
首页
/
/
Fortify集成生态系统

Fortify集成生态系统

  • 分类:新闻资讯
  • 作者:
  • 来源:
  • 发布时间:2021-03-19
  • 访问量:0

【概要描述】

Fortify集成生态系统

【概要描述】

  • 分类:新闻资讯
  • 作者:
  • 来源:
  • 发布时间:2021-03-19
  • 访问量:0
详情

DevOps 和应用程序安全

 

在整个软件开发生命周期 (SDLC) 中,应用程序安全必须是无缝的。经过精心设计,Fortify 应用程序安全成为了 DevOps 流程的内置属性。企业规模的 DevOps 速度并不意味着牺牲安全性或将业务置于危险之中。

集成到您使用的工具中,以便您尽早且频繁地测试您的应用程序,发现安全问题并进行修复,这一流程是开发测试周期的一部分。我们的集成生态系统:

- 便于开发人员使用

- 充分利用现有工具的投资

- 将安全性嵌入到您当前的流程中以减少摩擦

在我们的 API 中,Swagger 被用于提供文档/API 自我参考。我们的 Fortify Github 页面中有多个项目以及关于如何利用各种 API 频繁执行所要求的任务的示例。API 参考内置在产品中,可以通过各个产品的互联网界面访问。

Fortify SAST 为超过 27 种主要语言及其框架提供精准的支持,并由业界领先的软件安全研究 (SSR) 团队提供灵活的更新支持。

使您的应用程序具有广泛的漏洞覆盖范围,包括 1000 多个 SAST 漏洞分类,以确保符合 OWASP Top 10CWE/SANS Top 25DISA STIG PCI DSS 等标准。

对开发人员友好的语言覆盖范围——支持:ABAP/BSPActionScriptApexASP.NETC# (.NET)C/C++Classic ASP(含 VBScript)、COBOLColdFusion CFMLGoHTMLJava(包括 Android)、JavaScript/AJAXJSPKotlinMXML(Flex)Objective C/C++PHPPL/SQLPythonRubySwiftT-SQLVB.NETVBScriptVisual Basic XML

如需查看当前支持的语言、版本和框架的完整列表,请访问我们的详细列表

 

支持的编程语言

 Fortify Static Code Analyzer
 支持的编程语言

Language / Frameworks

Versions

.NET Framework

2.0–4.8

.NET Core

2.0–3.1

ABAP/BSP

6

Note: Fortify ABAP Extractor is supported on a system running SAP release 7.02, SP level 0006.

ActionScript

3.0

Apex

36

ASP.NET

2.0–4.8

C#

5, 6, 7, 8

C/C++

See Compilers.

Classic ASP (with VBScript)

2.0, 3.0

COBOL

IBM Enterprise COBOL for z/OS 6.1 (and earlier) with CICS, IMS, DB2, and IBM MQ

ColdFusion

8, 9, 10

Go

1.12, 1.13

Note: Scanning Go code is supported on Windows and Linux.

HTML

5 and earlier

Java (including Android)

5, 6, 7, 8, 9, 10, 11, 12, 13, 14

JavaScript

ECMAScript 2015–2020

JSP

1.2, 2.1

Kotlin

1.3.50

MXML (Flex)

4

Objective-C/C++

See Compilers.

PHP

5.3, 5.4, 5.5, 5.6, 7.0, 7.1

PL/SQL

8.1.6

Python

2.6, 2.7, 3.x (3.8 and earlier)

Ruby

1.9.3

Scala

2.11, 2.12, 2.13

Note: Scanning Scala code requires a standard Lightbend Enterprise Suite license

Swift

5

Note: See Compilers for supported swiftc versions.

T-SQL

SQL Server 2005, 2008, 2012

TypeScript

2.8, 3.x, 4.0

VBScript

2.0, 5.0

Visual Basic (VB.NET)

11, 14, 15.x, 16.0

Visual Basic

6.0

XML

1.0

 

支持的构建工具

 Fortify Static Code Analyzer
 支持的构建工具

Build Tool

Versions

Notes

Ant

1.10.x and earlier

 

Bamboo

(see the Atlassian Marketplace for supported versions)

The Fortify App for Bamboo is available from the Atlassian Marketplace.

Gradle

6.6.x and earlier

The Fortify Static Code Analyzer Gradle build integration
 supports the following language/platform combinations:

  • Java/Windows, Linux, and macOS
  • Kotlin/Windows and Linux
  • C/Linux
  • C++/Linux

Jenkins

(see the Jenkins Plugin Index for supported versions)

The Fortify Jenkins plugin is available from the Jenkins Plugins Index at https://plugins.jenkins.io/fortify.

Maven

3.0.5, 3.5.x, 3.6.x

 

MSBuild

4.x, 12.0, 14.0, 15.x, 16.4, 16.6

 

Xcodebuild

11, 11.1, 11.2.1, 11.3, 11.3.1, 11.4.1, 11.5, 11.6, 11.7, 12, 12.0.1, 12.1, 12.2, 12.3

 

 

 

支持的编译器

Fortify Static Code Analyzer
 支持的编译器

Compiler

Versions

Platform

gcc

GNU gcc 4.9, 5.x

Windows, Linux, macOS

g++

GNU g++ 4.9, 5.x

Windows, Linux, macOS

OpenJDK javac

9, 10, 11, 12, 13, 14

Windows, Linux, macOS

Oracle javac

7, 8, 9

Windows, Linux, macOS

cl

2015, 2017, 2019

Windows

Intel C++ Compiler

icc 8.0

Linux

Clang

11.0.0, 11.0.3, 12.0.01

macOS

Swiftc

5.1, 5.1.2, 5.1.3, 5.2.2, 5.2.4, 5.3, 5.3.1, 5.3.21

macOS

1Fortify Static Code Analyzer supports applications built in the following Xcode versions: 11, 11.1, 11.2.1, 11.3, 11.3.1, 11.4.1, 11.5, 11.6, 11.7, 12, 12.0.1, 12.1, 12.2, 12.3.

 

 

支持的开工具插件

The following table lists the supported integrated development environments (IDE) for the Micro Focus Fortify Secure Code Plugins.

Plugin / Extension

IDE and Version

Notes

Fortify Eclipse Plugins
(Complete and Remediation)

Eclipse 2018-x, 2019-x, 2020-03 (4.15)

 

Fortify Analysis Plugin

Android Studio 3.3, 3.4, 3.5

IntelliJ IDEA 2019.x, 2020.x

 

Fortify Remediation Plugin 

Android Studio 3.3, 3.4, 3.5

IntelliJ IDEA 2019.x, 2020.x

PyCharm 2019.x, 2020.x

WebStorm 2019.x, 2020.x

 

Fortify Visual Studio Extension

Visual Studio 2015 Community, Professional, and Enterprise

Visual Studio 2017 Community, Professional, and Enterprise

Visual Studio 2019 Community, Professional, and Enterprise

Note: The Fortify Visual Studio Extension is not compatible with Visual Studio Express.

 

Security Assistant Plugin for Eclipse

Eclipse 2018-x, 2019-x, 2020-x

 

Security Assistant Extension for Visual Studio

(see the Visual Studio Marketplace for supported versions)

 

Security Assistant Extension for Visual Studio is available from the Visual Studio Marketplace.

Single Sign-On (SSO)

Fortify Audit Workbench
, the Eclipse Complete plugin, and the Fortify Visual Studio Extension support the following SSO methods to connect with Fortify Software Security Center

  - SPNEGO/Kerberos SSO

Supported on the Windows platform only.

- X.509 SSO

Note: Fortify Audit Workbench和安全代码插件可以在Fortify软件安全中心中使用基于令牌的身份验证,从而无需为这些工具直接配置SSO

 

支持的集成工具

The following table lists the supported service integrations for Micro Focus Fortify Audit Workbench
 and the Fortify Secure Code Plugins.

Service

Versions

Supported Tools

Bugzilla

5.0.x

Audit Workbench, Eclipse Plugin, Visual Studio Extension

Micro Focus Application Lifecycle Management (ALM)/
Quality Center Enterprise (QC)

12.50

Audit Workbench, Eclipse Plugin

Azure DevOps Server (formerly TFS)

2019

Audit Workbench, Eclipse Plugin, Visual Studio Extension

Azure DevOps (formerly VSTS)

Note: Only basic user password authentication
 is supported.

n/a

Audit Workbench, Eclipse Plugin

Jira

7.11 and later
8.x

Audit Workbench, Eclipse Plugin

Jira Cloud

n/a

Audit Workbench, Eclipse Plugin

Fortify Software Security Center
 Bug Tracker

20.2.0

Audit Workbench, Eclipse Plugin, Visual Studio Extension

 

注:此为Fortify SCA 20.2版本所支持的内容。

扫二维码用手机看

更多资讯

联系我们

联系我们

发布时间:2020-09-16 13:55:16
地址:苏州市工业园区新平街388号
          腾飞创新园塔楼A617
电话:400-028-4008
          0512-62382981

关注我们

这是描述信息

页面版权所有 -  苏州华克斯信息科技有限公司  |  Copyright - 2020 All Rights Reserved.