• SSC - New Application version creation

    Hi, I have created a application version A which should pick a specific version state.. After creation, as the fpr showed Error Processing , I deleted the version.. But then I tried again to create the application version with same name, but it is…
  • Does Fortify SSC support an option to carry forward suppressions from application VERSION-B to VERSION-A

    Hi, In our Fortify SSC we have been scanning code and uploaded artifacts to Version-A We then created a new version - VERSION-B taking suppressions from Version-A and started uploading artifacts to this new VERSION-B (as we have some new set of code…
  • Fortify SSC 18.2 deployment issue

    Hi , I am testing a version upgrade from Fortify SSC 18.2 to 22.2 To start with, I wanted to install Fortify SSC 18.2 first, I have installed Oracle database 12.2.0 , Fortify SSC 18.2, java 1.8 and apache tomcat 9.0.75 When I deployed the war file…
  • Scan time differs for same count of files

    Hi, I have executed two different scans .. One scan has 14000 files and the scan completed in a day. But the other scan which has 11000 files , only the the translation phase took 1 day. Why does this happen? Is there any specific reason? Please…
  • AnalysisUploadToken not working even before DaysToLive is completed

    Hi, I have created AnalysisUploadToken in SSC and using it with fortifyclient for fpr upload. But even before the DaysToLive is reached, the token is not working for upload. I have verified the serviceContext.xml (webapps/ssc/WEB-INF/internal/serviceContext…
  • Seed bundle fails

    Hi, I wanted to upgrade my Fortify 18.2(Oracle 12c) to 22.2.0 (Oracle 19c). To test the same, 1. I have put the SSC test instance (Fortify 22.2) in maintenance mode 2. I have installed Fortify 22 in a test machine with Oracle 19c and copied the…
  • Fortify SCA backup

    Hi, Is there a way to take a backup of the Fortify SCA? As we have all configurations and rulepacks in place in production , I want to take a backup and replicate the same in my stage. I was able to install the sca but I found I need to configure…
  • Reset admin password for Fortify 22.2

    Hi, I have configured Fortifity SSC 22.2.0 in a stage machine but am unable to login. I verified the log file ssc.log in fortify home directory. The below error is shown - /ssc/j_spring_security_check [WARN] com.fortify.manager.security.CustomLoggerListener…
  • Alternate for Fortify sca incremental analysis

    Hi, We have a large code base where we run the fortify scans on a monthly basis. But, every month the changes happen in the code base is less than 10% but we are scanning the full code base. I found that Fortify incremental scan feature has been…
  • Fortify scan failing due to sql exceptions

    Hi, there is a directory where sql files are present in the subdirectories. When I triggered a fortify scan, during the translation phase, there are a series of warnings in the format - Exception parsing file: .......................... Was expect…
  • Is there anything like - disable the minification of js file on build for FORTIFY scan

    Hi, I have triggered a fortify scan on a set of files in war layout (files extracted from a war and then scan is triggered). And when I viewed the results in Audit in Fortify SSC, few are shown as minified js files. But the name is not *.min.js. The…
  • Fortify Software Security Center .FPR Retrieval

    Is there a way to download a .FPR file from Fortify Software Security Center with all of the issues marked "Not an Issue" filtered out?
  • How to resolve "[warning]: Parse error in file" for Apex fortify scan.

    Hi Team, we are using Fortify_SCA_and_Apps_22.1.0 for salesforce (apex) application. Fortify Static Code Analysis runs and throws warnings 10000 : parse error in file. However FPR file is created in user local system with all warnings and 0 LOC (Excutable…
  • FortifyScanCentralDAST Task in Azure DevOps Pipeline

    I am integrating the Fortify ScanCentral DAST Assessment task into my CI/CD pipeline. For this task, I need a CI/CD Settings Identifier of a successful ScanCentral DAST scan in SSC. When my team runs a DAST scan on our application, they are finding…
  • Fortify ScanCentral DAST upgrade issue

    Hi, We are running Fortify SSC version 21.2. I'm trying to upgrade ScanCentral DAST from 21.1 to 21.2. I have configured all the parameters in DAST Configuration tool 21.2. Finally when i apply setting, throwing an error "Internal server error" "Database…
  • Moving SSC Database data to new server

    We are planning to setup new environment for SSC everything will change in this environment(server, database) and we want to replicate our old environment SSC database data in this new environment. My question is, how is the best way to move SSC database…
  • List of accepted solutions, past months - new version, Jan. 28

    Accepted Solutions is a method by which you identify and highlight the reply that best answers a question that you've posted. Accepted solution help others find answers faster. (see also FAQ on accepted solutions ) I personally tend to look at solutions…
  • Idea: Fortify Support participating in these forums

    d