Dependency-Track Plugin for Fortify SSC

91918

Steve S Community

App Support Tiers

OpenText SUPPORTED

Support via OpenText Software Support, with a ticket filed against the associated product.

PARTNER

OpenText offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by OpenText of the OpenText community.

OpenText COMMUNITY

OpenText Community Content is provided by OpenText for the benefit of customers, support for it is not available via OpenText Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by OpenText customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "Cybersecurity Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official OpenText/Cybersecurity product releases. OpenText has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. OpenText strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

Steve S | Community

This plugin allows Fortify SSC to integrate results from Dependency-Track alongside findings from SCA, providing a consolidated view of security-centric code findings and vulnerable component findings.

206 downloads

Product compatibility

Description

Dependency-Track is an open source Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components. Dependency-Track can automatically publish results to Fortify Software Security Center (SSC) providing a consolidated view of security-centric code findings and vulnerable component findings.Dependency-Track accomplishes this in the following ways:

Fortify SSC integration is configured in Dependency-Track
Dependency-Track pushes findings to Fortify SSC on a periodic basis (configurable)
A plugin for Fortify SSC parses Dependency-Track findings

Minimum Requirements

Dependency-Track v3.4.0 or later
Fortify SSC 17.20 or later

Releases

Release

Date

1.0.0 1.0.0

Nov 30, 2018

More info Less info

Product compatibility

Fortify Software Security Center

Version 17.20

Version 18.10 · 18.20

Version 19.10 · 19.20

Version 20.10 · 20.20

Version 21.1 · 21.2

Version 22.1 · 22.2

Version 23.1 · 23.2

Version 24.2 · 24.4

Release notes

Initial release

Languages

English

Resources

Website

GitHub

Documentation

Marketplace

Marketplace

Dependency-Track Plugin for Fortify SSC

Product compatibility

CATEGORY

Description

Minimum Requirements

Releases

Resources

Sign in

Marketplace

Dependency-Track Plugin for Fortify SSC

App Support Tiers

Product compatibility

CATEGORY

Description

Minimum Requirements

Releases

Resources

Unsubscribe from notifications

Marketplace Terms of Service

Your download has begun