Uploading analysis results to Fortify Software Security Center

You can manually upload analysis results to Fortify Software Security Center any time after a local analysis is completed. However, before you do, a corresponding application version must already exist in Fortify Software Security Center.

By default, Fortify Software Security Center does not permit you to upload scans performed in quick scan mode. However, you can configure your Fortify Software Security Center application version so that uploaded audit projects scanned in quick scan mode are processed. For more information, see analysis results processing rules in the OpenText™ Fortify Software Security Center User Guide.

To upload analysis results to Fortify Software Security Center:

  1. Make sure that you have a generated FPR file in the default location (the source project folder) or the location configured in the analysis settings (see Configuring Advanced Local Analysis Options).

    The FPR file must already exist.

  2. From the IntelliJ or Android Studio menu bar, select Tools > Fortify > Upload Results to Software Security Center.

    The Software Security Center Credentials dialog box opens.

  3. If prompted to login to Fortify Software Security Center:

    1. If you have not already configured the URL for Fortify Software Security Center, type the server URL in the SSC URL box.
    2. From the Login method menu, select the login method set up for you on Fortify Software Security Center.

    3. Depending on the selected login method, follow the procedure described in the following table.

      Login Method Procedure
      Username/Password Type your Fortify Software Security Center user name and password.
      Authentication Token

      Specify the decoded value of a Fortify Software Security Center authentication token of type ToolsConnectToken.

      For instructions about how to create an authentication token from Fortify Software Security Center, see the OpenText™ Fortify Software Security Center User Guide.
  4. Select the Fortify Software Security Center application version that corresponds to your project, and then click OK.

You can now open the application and view the analysis results from Fortify Software Security Center or from the Fortify Remediation Plugin for IntelliJ IDEA and Android Studio. For information about how to view and work with analysis results in Fortify Software Security Center, see the OpenText™ Fortify Software Security Center User Guide. For information about how to view and work with analysis results from IntelliJ or Android Studio, see OpenText™ Fortify Remediation Plugin for IntelliJ IDEA and Android Studio User Guide in Fortify Remediation Plugin for IntelliJ IDEA and Android Studio Documentation.