Hi,
I have created a application version A which should pick a specific version state.. After creation, as the fpr showed Error Processing , I deleted the version.. But then I tried again to create the application version with same name, but it is…
Hi,
In our Fortify SSC we have been scanning code and uploaded artifacts to Version-A
We then created a new version - VERSION-B taking suppressions from Version-A and started uploading artifacts to this new VERSION-B (as we have some new set of code…
Hi , I am testing a version upgrade from Fortify SSC 18.2 to 22.2
To start with, I wanted to install Fortify SSC 18.2 first, I have installed Oracle database 12.2.0 , Fortify SSC 18.2, java 1.8 and apache tomcat 9.0.75
When I deployed the war file…
Hi,
I have executed two different scans .. One scan has 14000 files and the scan completed in a day. But the other scan which has 11000 files , only the the translation phase took 1 day.
Why does this happen? Is there any specific reason?
Please…
Hi,
I have created AnalysisUploadToken in SSC and using it with fortifyclient for fpr upload.
But even before the DaysToLive is reached, the token is not working for upload.
I have verified the serviceContext.xml (webapps/ssc/WEB-INF/internal/serviceContext…
Hi,
I wanted to upgrade my Fortify 18.2(Oracle 12c) to 22.2.0 (Oracle 19c). To test the same,
1. I have put the SSC test instance (Fortify 22.2) in maintenance mode
2. I have installed Fortify 22 in a test machine with Oracle 19c and copied the…
Hi,
Is there a way to take a backup of the Fortify SCA?
As we have all configurations and rulepacks in place in production , I want to take a backup and replicate the same in my stage.
I was able to install the sca but I found I need to configure…
Hi,
I have configured Fortifity SSC 22.2.0 in a stage machine but am unable to login.
I verified the log file ssc.log in fortify home directory. The below error is shown -
/ssc/j_spring_security_check [WARN] com.fortify.manager.security.CustomLoggerListener…
Hi,
We have a large code base where we run the fortify scans on a monthly basis.
But, every month the changes happen in the code base is less than 10% but we are scanning the full code base.
I found that Fortify incremental scan feature has been…
Hi,
there is a directory where sql files are present in the subdirectories.
When I triggered a fortify scan, during the translation phase, there are a series of warnings in the format -
Exception parsing file: ..........................
Was expect…
Hi,
I have triggered a fortify scan on a set of files in war layout (files extracted from a war and then scan is triggered). And when I viewed the results in Audit in Fortify SSC, few are shown as minified js files. But the name is not *.min.js. The…
Hi Team, we are using Fortify_SCA_and_Apps_22.1.0 for salesforce (apex) application. Fortify Static Code Analysis runs and throws warnings 10000 : parse error in file. However FPR file is created in user local system with all warnings and 0 LOC (Excutable…
I am integrating the Fortify ScanCentral DAST Assessment task into my CI/CD pipeline. For this task, I need a CI/CD Settings Identifier of a successful ScanCentral DAST scan in SSC.
When my team runs a DAST scan on our application, they are finding…
Hi,
We are running Fortify SSC version 21.2. I'm trying to upgrade ScanCentral DAST from 21.1 to 21.2. I have configured all the parameters in DAST Configuration tool 21.2. Finally when i apply setting, throwing an error "Internal server error" "Database…
We are planning to setup new environment for SSC everything will change in this environment(server, database) and we want to replicate our old environment SSC database data in this new environment.
My question is, how is the best way to move SSC database…
Accepted Solutions is a method by which you identify and highlight the reply that best answers a question that you've posted. Accepted solution help others find answers faster. (see also FAQ on accepted solutions )
I personally tend to look at solutions…