What’s New
Fortify Static Code Analyzer
Fortify offers the most comprehensive static, dynamic and mobile application
and security testing technologies, backed by industry-leading security research.
Fortify solutions can be deployed on-premise
or as a service to build a scalable, agile
application security program that meets the
evolving needs of today’s IT organization.
Fortify SCA is a static application security
testing (SAST) offering used by development
groups and security professionals to analyze
the source code for security vulnerabilities.
It reviews code and helps developers identify,
prioritize, and resolve issues with less effort
and in less time.
What’s New
• Fortify SCA supports 27+ programming
languages including newly added
languages such as Kotlin and Go Language.
Latest language support includes Java 14,
Lombok, MSBuild 16.6, XCode up to 11.7,
ECMA Script 2019 and 2020, TypeScript
3.9 and 4.0, Kotlin 1.3.50, Go Modules,
IBM Enterprise Cobol up to version 6.1,
and Python 3.8. See Fortify language
support here: https://www.microfocus.
com/en-us/fortify-languages.
• SAST Speed Dial gives better control of
the speed and accuracy of your static
testing by tuning the depth of the scan
based on application need. Increase scan
speeds by 50% by utilizing commit and
CI dial settings, saving deep SAST scans
for when you need them.
• CI/CD Integration by utilizing GitHub
Actions and GitLab CI Workflows that
set up the Fortify ScanCentral Client
795-000002-001 | M | 04/21 | © 2021 Micro Focus or one of its affiliates. Micro Focus and the Micro Focus logo, among others, are trademarks or registered trademarks of Micro Focus or its subsidiaries
or affiliated companies in the United Kingdom, United States and other countries. All other marks are the property of their respective owners.
to integrate Static Application Security
Testing (SAST) into your CI/CD pipeline.
To push this further, Commit Scan by
Fortify allows users to scan on commit
with GitHub, GitLab, etc, creating faster
“Fortify software is
scans with a flexible ruleset. important in realizing our
• Docker support that includes running Product Security Strategy
Fortify SCA in a Docker container, and because it helps us detect
support for scanning a Docker config file.
vulnerabilities early in the
Did You Know? development lifecycle.
• Security Assistant for Eclipse or Visual This is essential …
Studio provides real-time-as-you-type
security analysis on code.
because the earlier
• Audit Assistant combines past audit data we find vulnerabilities,
and machine learning, to automatically the more efficiently
triage security issues with up to 98% we can repair them.
accuracy. Audit Assistant is available as
a cloud-based service to both Fortify on
Demand and Fortify on-premise customers, “I can definitely say that
and as a completely on-premise option to Fortify software has
bring the entire Audit Assistant stack to
your premises. helped SAP in producing
• Smart View helps auditors and developers more secure code.”
quickly understand how multiple issues
are related from a data flow perspective.
• Many important product usage tips are
available via Fortify Unplugged Videos.
Additionally important tools and
integrations can be accessed via the
Fortify Marketplace.
• Subscribe to the Fortify Product
Announcement board today to stay up
to date on what’s new with our products!