Requirements to scan with ScanCentral SAST

To analyze your code with ScanCentral SAST, you need the following:

• A local copy of a ScanCentral SAST client

  For information on how to obtain a ScanCentral SAST client, see Requirements for Using the Fortify Analysis Plugin.

• A properly configured ScanCentral SAST installation

  Make sure that the configuration for your ScanCentral SAST client is authorized with a client authentication token that matches the setting for the ScanCentral SAST Controller. For more information, see the OpenText™ ScanCentral SAST Installation, Configuration, and Usage Guide.

• To connect to ScanCentral SAST from the Fortify Analysis Plugin, you need either:

  • A ScanCentral SAST ControllerURL

    If the ScanCentralSAST Controller uses an SSL connection from an internal certificate authority or a self-signed certificate, you must add the certificate to the Java Keystore depending on the location of the ScanCentral SAST client:

    • Installed with OpenText™ Application Security Tools: <tools_install_dir>/jre/lib/security/cacerts/

    • Standalone ScanCentral SAST client: <java_home_dir>/lib/security/cacerts

  • A Fortify Software Security CenterURL and an authentication token of type ToolsConnectToken

    To configure the Fortify Software Security CenterURL, see Working with Fortify Software Security Center.

To send the analysis results to a Fortify Software Security Center server, you need the following:

See Also

Requirements for Using the Fortify Analysis Plugin