fortify/WebInspectAutomation

Stars
21
Rank 1,084,038 (Top 22 %)
Language
Python
Created over 5 years ago
Updated over 2 years ago

fortify/WebInspectAutomation

fortify

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Sample Python script for automating WebInspect scans and pushing results to SSC

fcli

fcli is a command-line utility for interacting with various Fortify products

FortifyVulnerabilityExporter

Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more

gha-setup-scancentral-client

Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead

ssc-restapi-client

Communicate with Fortify Software Security Center through REST API in java, a swagger generated client

gha-setup-fod-uploader

Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead

sample-parser

Example of a plugin that can parse non-Fortify security scan results and import them into Fortify Software Security Center.

ssc-js-sandbox

Fortify Software Security JavaScript sandbox

CloudDevSecOpsTemplates

Templates to integrate Fortify application security testing with Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI)

github-action

Fortify GitHub Actions

helm3-charts

Fortify Helm Charts to automate deployment of Software Security Center (SSC), ScanCentral SAST and ScanCentral DAST to a Kubernetes

fortify.github.io

gha-export-vulnerabilities

Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead

plugin-api

Plugin API to develop plugin for Fortify Security Center

IWA-DotNet

Insecure Web Application - .NET version

fortify-ssc-parser-sarif

SSC parser plugin for SARIF input files

fortify-client-api

Java Utility packages for working with various Fortify products

riches

FortifySyncFoDToSSC

Utility to synchronize FoD releases and scan results to SSC

fortify-ssc-parser-burp

Fortify SSC Parser Plugin for BURP Suite

FortifyToolsInstaller

Deprecated; please use 'fcli tool * install' commands provided by fcli (https://github.com/fortify-ps/fcli) instead

fortify-ssc-parser-owasp-dependency-check

Fortify SSC Parser Plugin for OWASP Dependency Check results

gha-fod-generate-sarif

Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead

fortify-ssc-parser-tenable-io-cs

Fortify SSC Parser Plugin for Tenable.io Container Security results

gha-ssc-generate-sarif

Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead

fortify-ssc-parser-util

Generic utility classes for implementing SSC parser plugins

IWA-Java

Insecure Web + API application with example Fortify integrations into many DevSecOps and CICD platforms

bsi-token-parser-kt

Kotlin Library for parsing BSI Tokens from Fortify on Demand

shared-doc-resources

gha-fod-download-fpr

Proof of Concept: GitHub Action for downloading an FPR file from Fortify on Demand (FoD)

ScanCentralDAST

Samples which can be leveraged with Fortify's ScanCentral DAST solution (20.2+)

tool-definitions

shared-gradle-helpers

Various Gradle helper scripts

fortify-ssc-parser-generic-cyclonedx

Generic Fortify SSC parser plugin for CycloneDX SBOM. For Debricked, please use the Debricked-branded plugin available at https://github.com/fortify/fortify-ssc-parser-debricked-cyclonedx

audit-assistant-helm-charts

Helm charts for Audit Assistant

fortify-ssc-parser-debricked-cyclonedx

Fortify SSC parser plugin to import Debricked SCA results for unified AppSec posture management

gha-fpr-to-sarif

Proof of Concept: GitHub Action to convert Fortify FPR files to SARIF format

sample-scala

Simple example showing how Fortify scanning can be performed in Scala applications built with Maven (using the "scala-maven-plugin" from https://github.com/davidB/) or Gradle.

gha-sample-workflows-WebGoat.NET

Sample GitHub Action workflows based on the OWASP WebGoat.NET example