There are no reviews yet. Be the first to send feedback to the community and the maintainers!
fcli
fcli is a command-line utility for interacting with various Fortify productsFortifyVulnerabilityExporter
Export Fortify vulnerability data to GitHub, GitLab, SonarQube and moreWebInspectAutomation
Sample Python script for automating WebInspect scans and pushing results to SSCgha-setup-scancentral-client
Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan insteadssc-restapi-client
Communicate with Fortify Software Security Center through REST API in java, a swagger generated clientgha-setup-fod-uploader
Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan insteadsample-parser
Example of a plugin that can parse non-Fortify security scan results and import them into Fortify Software Security Center.CloudDevSecOpsTemplates
Templates to integrate Fortify application security testing with Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI)github-action
Fortify GitHub Actionshelm3-charts
Fortify Helm Charts to automate deployment of Software Security Center (SSC), ScanCentral SAST and ScanCentral DAST to a Kubernetesfortify.github.io
gha-export-vulnerabilities
Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan insteadplugin-api
Plugin API to develop plugin for Fortify Security CenterIWA-DotNet
Insecure Web Application - .NET versionfortify-ssc-parser-sarif
SSC parser plugin for SARIF input filesfortify-client-api
Java Utility packages for working with various Fortify productsriches
FortifySyncFoDToSSC
Utility to synchronize FoD releases and scan results to SSCfortify-ssc-parser-burp
Fortify SSC Parser Plugin for BURP SuiteFortifyToolsInstaller
Deprecated; please use 'fcli tool * install' commands provided by fcli (https://github.com/fortify-ps/fcli) insteadfortify-ssc-parser-owasp-dependency-check
Fortify SSC Parser Plugin for OWASP Dependency Check resultsgha-fod-generate-sarif
Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan insteadfortify-ssc-parser-tenable-io-cs
Fortify SSC Parser Plugin for Tenable.io Container Security resultsgha-ssc-generate-sarif
Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan insteadfortify-ssc-parser-util
Generic utility classes for implementing SSC parser pluginsIWA-Java
Insecure Web + API application with example Fortify integrations into many DevSecOps and CICD platformsbsi-token-parser-kt
Kotlin Library for parsing BSI Tokens from Fortify on Demandshared-doc-resources
gha-fod-download-fpr
Proof of Concept: GitHub Action for downloading an FPR file from Fortify on Demand (FoD)ScanCentralDAST
Samples which can be leveraged with Fortify's ScanCentral DAST solution (20.2+)tool-definitions
shared-gradle-helpers
Various Gradle helper scriptsfortify-ssc-parser-generic-cyclonedx
Generic Fortify SSC parser plugin for CycloneDX SBOM. For Debricked, please use the Debricked-branded plugin available at https://github.com/fortify/fortify-ssc-parser-debricked-cyclonedxaudit-assistant-helm-charts
Helm charts for Audit Assistantfortify-ssc-parser-debricked-cyclonedx
Fortify SSC parser plugin to import Debricked SCA results for unified AppSec posture managementgha-fpr-to-sarif
Proof of Concept: GitHub Action to convert Fortify FPR files to SARIF formatsample-scala
Simple example showing how Fortify scanning can be performed in Scala applications built with Maven (using the "scala-maven-plugin" from https://github.com/davidB/) or Gradle.gha-sample-workflows-WebGoat.NET
Sample GitHub Action workflows based on the OWASP WebGoat.NET exampleLove Open Source and this site? Check out how you can help us