How to use Fortify to analyse T-SQL

views:

answers:

How to use Fortify to analyse T-SQL

sourceanalyzer -b ID ttt.sql (no error) sourceanalyzer -b ID -scan -f result.fpr (no error)

But when I used Fortify Audit Workbench to open the result.fpr file,there is nothing in Issues(no Hot,no Warning,no Info). Was I missed out any parameters in the sourceanalyzer's command ?

This is quite common. As of SCA 5.9.5, SCA may not find many vulnerabilities in T-SQL files.

Douglas Held 2010-09-03 04:34:28

related questions

*= in Sybase SQL

sql missing rows when grouped by DAY, MONTH, YEAR

Adapt Replace all strings in all tables to work with text

Can you call a webservice from TSQL code?

How to tell the data types after executing a stored procedure?

C# - SQLClient - Simplest INSERT

SQL Server: Get data for only the past year

Get last item in a table - SQL

Is there a way to make a TSQL variable constant?

Create a database from another database?

SQL Server PIVOT examples?

What are some references, lessons and or best practices for SQL optimization training.

What's a good way to check if two datetimes are on the same calendar day in TSQL?

Trigger without a transaction?

How do I do an Upsert Into Table?

What is the easiest way using T-SQL / MS-SQL to append a string to existing table cells?

How do I avoid using cursors in Sybase (T-SQL)?

Best .NET Solution for Frequently Changed Database

T-Sql date format for seconds since last epoch / formatting for sqlite input

HOWTO - Compare a date string to datetime in SQL Server?

Differences Between MySql and MS SQL

Best method for varchar date validation in Sybase (T-SQL)?

interrogating table lock schemes in T-SQL

Testing for inequality in T-SQL

T-Sql Remove Decimal Point From Money Data Type

ansaurus

tags:

views:

answers:

How to use Fortify to analyse T-SQL

related questions