Application Settings: Micro Focus ALM

To access this feature, click Edit > Application Settings and then select Micro Focus ALM.

To integrate Fortify WebInspect with Micro Focus Application Lifecycle Management (ALM), you must create one or more profiles that describe the ALM server, project, defect priority, and other attributes. You can then convert a Fortify WebInspect vulnerability to an ALM defect and add it to the ALM database.

ALM License Usage

Creating or editing a profile consumes a license issued to ALM. The license is released, however, when the ALM application settings are closed. Similarly, sending a vulnerability to ALM consumes a license, but it is released after the vulnerability is sent.

Before You Begin

Make sure that the ALM Client Registration Add-in is installed on the same machine as Fortify WebInspect before creating a profile. Refer to your ALM documentation for more details.

Creating a Profile

To create a profile:

  1. Click Add, and then enter a profile name in the Add Profile dialog box.

  2. Enter or select the URL of an ALM server. If you haven't previously visited an ALM site, the list is empty. To enter a URL, use the format http://<qc-server>/qcbin/. Do not append "start_a.htm" (or other file name) to the URL.

  3. Enter the user name and password that will allow you to access the server, and then click Authenticate.

    If the authentication credentials are accepted, the server populates the Domain and Project lists.

  4. Click Connect, and then select a subject in the Defect Reporting group.

  5. From the Defect priority list, select a priority that will be assigned to all Fortify WebInspect vulnerabilities reported to ALM using this profile.

  6. Use the Assign defects to list to select the person to whom the defect will be assigned, and then select an entry from the Project found in list.

  7. Use the remaining lists to map the Fortify WebInspect vulnerability rating to an ALM defect rating. If you select Do Not Publish, the vulnerability will not be exported. You must select at least one of the file mappings.

  8. To export notes and screenshots associated with a Fortify WebInspect vulnerability, select Upload vulnerability attachments to defect

  9. In the Required/Optional Fields group, double-click an entry and enter or select the requested information. If you try to save your work without supplying a required field, Fortify WebInspect prompts you to enter it.

See Also

Application Settings: Database

Application Settings: Directories

Application Settings: General

Application Settings: License

Application Settings: Logging

Application Settings: Override SQL Database Settings

Application Settings: Proxy

Application Settings: Reports

Application Settings: Run as a Sensor

Application Settings: Server Profiler

Application Settings: Smart Update

Application Settings: Step Mode

Application Settings: Support Channel

Application Settings: Telemetry

Application Settings: Two-Factor Authentication