Options
Related Tips & Info
Wikis - Page

Micro Focus Fortify Product Announcement: SCA, SSC, WI & WIE 19.2.0

Caroline Oest
 
0 Likes

Original Question: Micro Focus Fortify Product Announcement: SCA, SSC, WI & WIE 19.2.0 by Erdem_Menges

Micro Focus Fortify is pleased to announce the immediate availability of Fortify Software Security Center (SSC), Fortify Static Code Analyzer (SCA) 19.2.0, WebInspect 19.2.0, and WebInspect Enterprise 19.2.0. The 19.2.0 release provides core language improvements as well as tool and integration enhancements to drive greater customer efficiency and value.

Fortify Software Security Center (SSC) & Fortify Static Code Analyzer (SCA) 19.2.0 Product Announcement 

Fortify SSC and SCA 19.2.0 release emphasizes the evolving needs to enhance existing languages, improve integration/automation capabilities and support new constructs and frameworks. We continue to build on our vision to continue our market leadership by providing key enterprise enhancements that focus on improvements in speed, automation and usability.

Fortify Static Code Analyzer (SCA) 19.2.0 Key Highlights

    • Go Language Support: Support for translating Go Language version 1.12 source code on Windows and Linux platform has been added.
    • React Support: Support for React 16.5 JavaScript Library has been added. 
    • Modular Analysis: Tech preview of modular analysis for Java only has been added. Modular analysis allows you to pre-scan libraries and sub-libraries. You can then include these pre-scanned libraries when you scan the core project. Fortify Static Code Analyzer can follow dataflow through the libraries without including the source code of the libraries in the core application scan or requiring rules for these libraries. This results in a high quality scan without having to scan the dependencies each time you scan the core application.
    • Java 12 Support: Support for Java 12 has been added.
    • Performance improvements.

Fortify Software Security Center (SSC) and Tools 19.2.0 Key Highlights

    • ScanCentral Packager Support for .NET: Fortify ScanCentral (formerly called Fortify CloudScan) now supports packaging and scanning .NET solutions remotely (translation and analysis phases). The ScanCentral client intelligently packages .NET solutions for remote translation and scanning outside of the build environment.
        • Support for other directly-parsed languages have been added to ScanCentral.
        • The following languages are supported Fortify Static Code analyzer but not supported by ScanCentral for remote translation: the C family of languages (C/C /Objective-C/Swift), COBOL, and ActionScript.
    • Visual Studio 2019 Plugin: A new IDE extension for Visual Studio 2019. It supports the ability to remotely scan projects using Fortify ScanCentral. Watch Demo!
    • Jenkins Plugin with Native ScanCentral Support: This new plugin includes native Fortify ScanCentral support and new scan options that support Fortify Static Code Analyzer 19.2.0. Available for download at the following link: https://plugins.jenkins.io/fortify . Watch Demo!
    • Additional Items include: Audit Workbench Dark Theme, Software Security Center Session Logout Screens, Removal of Runtime Calls, Methods, and Parameters. New requirement for Audit Assistant custom tag mapping.

WebInspect & WebInspect Enterprise 19.2.0 Product Announcements

The 19.2.0 WebInspect and WebInspect Enterprise releases emphasize powerful new API scanning capabilities, improved integrations with an organization’s ecosystem, and improvements to the user experience.

WebInspect can be upgraded to the latest release using SmartUpdate service, or by downloading via the Software Support Portal.

Fortify WebInspect 19.2.0 Key Highlights 

    • Simplified API Scanning: Simplified API scanning using the OpenAPI (Swagger) API description format is now supported. Look for the API Scan option in the Basic Scan Wizard, or leverage the WebInspect API, CLI, or even container driven scanning to take advantage of this new feature. Watch Demo! 
    • Advanced API Scanning: Postman support has been added. WebInspect can now directly run your Postman collections for more advanced API scanning scenarios where unique workflows, complicated authentication, or specific parameter values are required. Watch Demo! 
    • Response State Patterns: WebInspect can now handle complex scenarios where an application requires passing data from a response into a subsequent request. To build response state rules, go to Scan Settings > HTTP Parsing. Watch Demo! 
    • Selenium WebDriver Integration: WebInspect now supports a direct integration with Selenium WebDriver. This integration allows leveraging existing Selenium assets to drive dynamic scanning via either WebInspect’s CLI or API. .
    • Macro Auto-Gen & Validation: We’ve updated the engines used by both our Macro Auto-gen, and our Macro Validation technologies. Customers should see more accuracy as we continue to invest in these important features.
    • Usability Improvements: You will notice some minor changes to our Advanced Settings options as we continue to simplify WebInspect and improve the user experience. 

Fortify WebInspect Enterprise 19.2.0 Key Highlights

    • Silverlight Removal: Chrome and Firefox will now work with the WebInspect Enterprise Desktop Client, removing the dependency on using Microsoft Silverlight.

Fortify Ecosystem and Marketplace

The Micro Focus Fortify Ecosystem is an integration framework covering 10 software categories with the tools, applications and REST APIs that organizations are leveraging across DevOps and 3rd party toolchains. Our ecosystem enable our customers to integrate our solutions easily and seamlessly into their environments with tools found in our Fortify Marketplace.

The Fortify Marketplace enables customers to go to one location to access new integrations, plugins, updates, etc.  The Fortify Marketplace can be found here: Fortify Marketplace

Join the Micro Focus Security Fortify Community!

Join the Micro Focus Security community that provides customer-facing forums, educational webinar, product documentation and tutorials. Connect with peers, ask questions, search for solutions, share ideas, and collaborate over best practices in the Community today. Visit: https://community.softwaregrp.com/t5/Fortify/ct-p/fortify

Documentation

You can find both html and pdf documentation for Fortify version 19.2.0 software products at:

https://www.microfocus.com/support-and-services/documentation/

Note: Legacy documentation (prior to 18.20) can still be found at:

https://community.softwaregrp.com/t5/Fortify-Product-Documentation/ct-p/fortify-product-documentation

Contact Support

For support, please visit https://softwaresupport.softwaregrp.com/

We hope that you continue to find out products helpful and we welcome any feedback. If you have any questions, please don’t hesitate to contact us.

 

Scott Johnson
Director of Product Management
Micro Focus Fortify
1 (404) 931-1028
scott.k.johnson@microfocus.com  

Micro Focus Fortify Release Announcement 19.20.pdf

Labels:

Announcement
How To-Best Practice
Comment List
Related
Recommended

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Cookies Preferences
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.