Importing custom security content

You can import custom security content to use in your scans. Fortify Extension for Visual Studio stores custom rules in the <sca_install_dir>\Core\config\customrules folder.

To import custom external metadata, you must place your external metadata file in the <sca_install_dir>\Core\config\CustomExternalMetadata folder.

To import custom rules:

  1. From the Fortify extension menu, select Options.

  2. In the left pane, select Security Content Management.

  3. Under Update Security Content from Local System, click Custom Security Content.

    The Select Security Content dialog box opens.

  4. Select the custom rules files to import (*.xml and *.bin), and then click Open.

The Last Update information box reflects the imported custom security content.