Downloading and installing the Fortify ScanCentral SAST client
A stand-alone Fortify ScanCentral SAST client is offered for automatically packaging all necessary dependencies and source code required for static scanning and the files required for Debricked open source scanning. The following languages are supported: .NET and .NET Core (MSBuild projects), Apex, Classic ASP, ColdFusion, Dockerfiles, Go, Java (Gradle and Maven projects), Javascript/Typescript, PHP, Python, and Ruby.
The latest version of the Fortify ScanCentral SAST client is available from the Tools page in the portal. Installation instructions are available in the README.txt file stored in the zip file.
The stand-alone Fortify ScanCentral SAST client is a component of the on-premises Fortify ScanCentral SAST software and is used to package code to send to a Controller for scanning. Fortify Azure DevOps Extension uses only the packaging feature of the Fortify ScanCentral SAST client. Details that are relevant to packaging your source code has been provided.
For more information about using the Fortify ScanCentral SAST client, see the Fortify Software Security Center Documentation. Select the documentation version that corresponds to your installed version.
Software requirements: "Fortify ScanCentral SAST Client Software Requirements" in Fortify Software System Requirements
Supported build tools: "Fortify ScanCentral SAST Sensor Languages and Build Tools" in Fortify Software System Requirements
Command-line options: "Package Command" in Fortify ScanCentral SAST Installation, Configuration, and Usage Guide