Fortify Static Code Analyzer Component Applications

The installation consists of Fortify Static Code Analyzer, which analyzes your build code according to a set of rules specifically tailored to provide the information necessary for the type of analysis performed. A Fortify Static Code Analyzer installation might also include one or more component applications.

The following table describes the components that are available for installation with the Fortify Static Code Analyzer and Applications installer.

Component Description
Micro Focus Fortify Audit Workbench Provides a graphical user interface for Fortify Static Code Analyzer that helps you organize, investigate, and prioritize analysis results so that developers can fix security flaws quickly.
Micro Focus Fortify Plugin for Eclipse Adds the ability to scan and analyze the entire codebase of a project and apply software security rules that identify the vulnerabilities in your Java code from the Eclipse IDE. The results are displayed, along with descriptions of each of the security issues and suggestions for their elimination.
Micro Focus Fortify Analysis Plugin for IntelliJ and Android Studio Adds the ability to run Fortify Static Code Analyzer scans on the entire codebase of a project and apply software security rules that identify the vulnerabilities in your code from the IntelliJ and Android Studio IDEs.
Micro Focus Fortify Extension for Visual Studio Adds the ability to scan and locate security vulnerabilities in your solutions and projects and displays the scan results in Visual Studio. The results include a list of issues uncovered, descriptions of the type of vulnerability each issue represents, and suggestions on how to fix them. This extension also includes remediation functionality that works with audit results stored on a Micro Focus Fortify Software Security Center server.
Micro Focus Fortify Custom Rules Editor A tool to create and edit custom rules.
Micro Focus Fortify Scan Wizard A tool to quickly prepare a script that you can use to scan your code with Fortify Static Code Analyzer and optionally, upload the results directly to Fortify Software Security Center.

Note: This tool is installed automatically with Fortify Static Code Analyzer.

The following table describes the components that are included in the Fortify Static Code Analyzer and Applications package.

Component Description
Micro Focus Fortify Remediation Plugin for Eclipse Works with Fortify Software Security Center for developers who want to remediate issues detected in source code from the Eclipse IDE.
Micro Focus Fortify Remediation Plugin for IntelliJ, WebStorm, and Android Studio Works in the IntelliJ, WebStorm, and Android Studio IDEs and with Fortify Software Security Center to add remediation functionality to your security analysis.

The following table describes the applications you can use with Fortify Static Code Analyzer in continuous integration that are available from other marketplaces.

Component Description
Micro Focus Fortify Jenkins Plugin Provides the ability to analyze a project with Fortify Static Code Analyzer, upload analysis results to Fortify Software Security Center, and view details about the results from Jenkins.
Micro Focus Fortify Bamboo Plugin Provides the ability to analyze a project with Fortify Static Code Analyzer, and upload analysis results to Fortify Software Security Center with Bamboo.

Leave a Comment