Translation and analysis phase verification

Fortify Audit Workbench certification indicates whether the code analysis from a scan is complete and valid. The project summary in Fortify Audit Workbench shows the following information about the code that OpenText SAST scanned:

  • List of files scanned, with file sizes and timestamps
  • Java class path used for the translation (if applicable)
  • Rulepacks used for the analysis
  • OpenText SAST runtime settings and command-line options
  • Any errors or warnings encountered during translation or analysis
  • Machine and platform information

To obtain result certification, you must specify FPR as the output format for the analysis phase.

To view result certification information, open the FPR file in Fortify Audit Workbench and select Tools > Project Summary > Certification. For more information, see the OpenText™ Fortify Audit Workbench User Guide.