fortify360

How can I display my SSN id in the ASP web page with PCI standards

In my ASP web page I am displaying the SSN number " name ="txtSSNID" size ="20"> The Fortify Developer tool detects this as an error. How can I fix this issue? I need to display the SSN number, but the thing is it should not be caught while testing in the Fortify developer tool for security violations ...

Fortify Source Analyzer and Apache Lenya

Hey everyone! First off, any help is much appreciated! I am trying to use Fortify Source Code Analyzer for a research project at my school to test the security for open source Java web applications. I am currently working on Apache Lenya. I am working with the last stable release (Lenya v2.0.2). Inside the root directory there is a fil...

Fortify Sourceanalyzer - problem with Xwiki - missing java class

com.xpn.xwiki.test.AbstractXWikiComponentTestCase This is the only class that cannot be resolved. I have run mvn package. Then I have tried to build with sourceanalyzer, and this is the only class that cannot be found. I do not understand why mvn package would not have gotten this for me. Any help would be great. Thanks ...

Does anyone use Fortify 360 with Classic ASP? a Header Manipulation vulnerability story

Good morning, everyone. I'm on a short-term contracting gig, trying to patch some vulnerabilities in their legacy code. The application I'm working on is a combination of Classic ASP (VBScript) and .NET 2.0 (C#). One of the tools they have purchased is Fortify 360. Let's say that this is a current classic ASP page in the application...

Execute command in Hudson as Post-build Actions

Hi friends, I am new to Hudson. I would like to execute a 'sourcecodeanalyzer' command in Hudson as Post-build Actions to generate an HTML report. Please let me know if this is at all possible; if yes, let me know the Hudson configuration steps to execute the command. Your earliest response in this regard will be extremely helpful. Thanks ...

Fortify and AntiXSS

My company requires our ASP.NET code to pass a Fortify 360 scan before releasing the code. We use AntiXSS everywhere to sanitize HTML output. We also validate input. Unfortunately, they recently changed the "template" Fortify was using and now it's flagging all our AntiXSS calls as "Poor Validation". These calls are doing things like Ant...

Fortify360 with an automated build process?

Does anyone have any sample configurations using CruiseControl.NET or a similar tool? ...