• issuesDeltaExport REST API not working.

    I am trying to execute a POST request to the issuesDeltaExport endpoint exposed by the Fortify SSC v23.1. It is documented in the API Documentation. This is what I get with Postman: Inside the headers, I defined the authorization header like: Authorization…
  • Dynamic scanning site with captcha enabled in Login Form

    Dear team I try to scanning a site with captcha enabled in this case I try to scan a wordpress wp-admin site with captcha enabled in there, according to Documentation WI, for captcha site in Web Inspect we can use Form interactive login to accomplish…
  • Fortify SSL Configuration for SSC, LIM, etc

    Hi guys, I want to know how exactly configure Fortify SSC with SSL in order to change the Application URL. I tried to found any information about it but I couldn't found anything useful, so I ask here. Currently I have the following urls: LIM: …
  • AppSec Academy: Cloud DevSecOps

    CyberRes AppSec Education Services is thrilled to announce our first public Cloud DevSecOps Academy . Learn how to integrate Azure, GitLab, and GitHub with Fortify SAST & DAST.
  • Fortify WebInspect on Docker

    WebInspect Docker was designed as a standalone scanner for CI/CD pipelines creating scans via CLI or API, though it has been modified for ScanCentral DAST. The Dockerized WebInspect is a headless implementation that includes SQL Express. The primary use…
  • Chatbots in Fortify Digital Learning, is it Hype?

    Hi, all you Fortify Digital Learning Champions I should have done this sooner, but I wanted to ask you a question. Is having a Chatbot or bots embedded in Fortify Digital Learning worth it? A Chatbot can offer answers to questions (24/7) that might…
  • Fortify WebInspect OAST

    OAST vulnerabilities do not reflect back to WebInspect, making them difficult to detect with traditional DAST scanning. The Fortify OAST server provides DNS service for the detection of out-of-band attack vulnerabilities. You configure and use the server…
  • Fortify on Demand DAST – An Introduction

    This course is aimed at testers or other team members who need to understand how to use FoD to perform DAST (dynamic) scans on applications. There are separate courses that perform training on how to administer FoD, perform SAST (static) scans, and automatic…
  • Fortify Education Technical Insight - What's available for our customers

    We introduce you to the #Fortify #education team in this Insight session . We look at the Learning Management System SABA, review the Fortify security training offerings and explore agile learning, including our Trial of the use of #Chatbots. We kept…
  • Fortify SAST Integration with Azure

    This course gives you multiple ways to include Fortify into your Azure DevOps to create an efficient DevSecOps that runs Static Application Security Testing (SAST) along with your application development. You can choose to work through all of the different…
  • Fortify on Demand (FoD) SAST – an Introduction for Developers

    As a developer that uses FoD, in this course, you will get an introduction on how to perform SAST scans from the web interface and supported IDEs, how to interpret scan results, how to use FoD to help you determine which issues need addressing, how to…
  • Fortify Integration with GitLab

    This Digital Learning course helps the user configure and run Fortify’s static and dynamic scans in their GitLab environment to include Security early in the SDLC. Learn the steps for setting up Fortify and showcasing the ease of use for creating repositories…
  • Fortify Integration with GitHub

    This Fortify GitHub course helps the user configure and run Fortify’s static and dynamic scans in their GitHub environment to include Security early in the SDLC. Learn & perform the steps for setting up Fortify and showcasing the ease of use for creating…
  • Rule IDs for Filtering

    The Fortify SCA documentation provides an example for filtering using RuleID (for Path Manipulation): #This is a specific Rule ID that leads to the reporting of a #specific issue in the scan output: in this case the #dataflow sink for a Path Manipulation…