Installation of Fortify Static Code Analyzer and Applications

This article will help you to install Fortify Static Code Analyzer and Applications without any issues. This way it will work properly as soon as the tool is installed.

Follow the below steps 

  1. Run the installer file that corresponds to your operating system:
  • Windows: Fortify_SCA_and_Apps_<version>_windows_x64.exe
  • macOS: Fortify_SCA_and_Apps_<version>_osx_x64.app.zip
  • Linux: Fortify_SCA_and_Apps_<version>_linux_x64.run
  • Solaris: Fortify_SCA_<version>_solaris_x86.run or
    Fortify_SCA_<version>_solaris10_sparc.run

where <version> is the software release version.

  1. Accept the license agreement, and then click Next.
  1. Choose where to install Fortify Static Code Analyzer and applications, and then click Next.

Note: If you are using Micro Focus Fortify CloudScan, you must specify a location that does not include spaces in the path.

  1. (Optional) Select the components to install, and then click Next.

Note: Component selection is not available for all operating systems.

  1. If you are installing the Fortify extension for Visual Studio 2015 or 2017, you are prompted to specify whether to install the extensions for the current install user or for all users.

The default is to install the extensions for the current install user.

  1. Specify the path to the fortify.license file, and then click Next.
  1. Specify the settings required to update your security content.

To update the security content for your installation:

Note: For installations on non-Windows platforms and for deployment environments that do not have access to the Internet during installation, you can update the security content using the fortifyupdate utility.

  • Specify the URL address of the update server. To use the Fortify Rulepack update server for security content updates, specify the URL as: https://update.fortify.com.
  • (Optional) Specify the proxy host and port number of the update server.
  1. Click Next.
  1. Specify if you want to migrate from a previous installation on your system.

Migrating from a previous installation preserves Fortify Static Code Analyzer artifact files.

Note: You can also migrate Fortify Static Code Analyzer artifacts using the scapostinstall command-line utility.

To migrate artifacts from a previous installation:

  1. In the SCA Migration step, select Yes, and then click Next.
  1. Specify the location of the existing installation on your system, and then click Next.
  1. Specify if you want to install sample source code projects, and then click Next.

Note: If you do not install the samples and decide later that you want to install them, you must uninstall and then re-install Fortify Static Code Analyzer and Applications.

  1. Click Next to proceed to install Fortify Static Code Analyzer and applications.
  1. After Fortify Static Code Analyzer is installed, select Update security content after installation if you want to update the security content, and then click Finish.

The Security Content Update Result window displays the security content update results.

Leave a Comment