Setting up a Fortify on Demand Static Assessment

Perform the following tasks to set up a Fortify on Demand Static Assessment:

• Download and install the Fortify ScanCentral SAST client on the agent. See Downloading and Installing the Fortify ScanCentral SAST Client. This part is optional if you are using a Microsoft-hosted agent.
• Configure static scan settings. You can configure scan settings from the Fortify on Demand portal before submitting the assessment or from Azure DevOps as part of the task settings.

• Add the Fortify on Demand Static Assessment task to a pipeline in an Azure DevOps project. See Adding a Static Assessment Task.