Fortify for Dependency Track

Supported Products

Fortify Software Security Center

This plugin allows Fortify SSC to integrate results from Dependency-Track alongside findings from SCA, providing a consolidated view of security-centric code findings and vulnerable component findings.

Fortify Software Security Center

Features

  • Tracks application, library, framework, operating system, and hardware components
  • Tracks component usage across all version of every application in an organization's portfolio
  • Identifies multiple forms of risk including
    • Components with known vulnerabilities
    • Out-of-date components o Modified components
    • License risk o More coming soon…
Features

About Dependency-Track

Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components. Dependency-Track takes a unique and highly beneficial approach by leveraging the capabilities of Software Bill-of-Materials (SBOM). This approach provides capabilities that traditional Software Composition Analysis (SCA) solutions cannot achieve.

Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in Continuous Integration (CI) and Continuous Delivery (CD) environments.

Dependency-Track
release-rel-2020-10-1-5313 | Wed Oct 14 18:06:08 PDT 2020
5313
release/rel-2020-10-1-5313
Wed Oct 14 18:06:08 PDT 2020