Your browser is not supported

For the best experience, use Google Chrome or Mozilla Firefox.

Fortify for SonarQube

Supported Products

Fortify Software Security Center

The Fortify SonarQube plugin allows for importing Fortify scan results into SonarQube. It loads vulnerability data from Fortify Software Security Center (SSC) or Fortify on Demand (FoD) and displays each vulnerability as a SonarQube violation. The plugin also provides various metrics and other meta-data from Fortify SSC or FoD, such as issue counts and artifact status. The metrics are shown on the custom Fortify dashboard in SonarQube and can be used to define quality gates.

Fortify Software Security Center

About SonarQube

SonarQube is an open-source platform developed for continuous inspection of code quality to perform automatic reviews with static code analysis. It detects bugs, code smells, and security vulnerabilities in 27 programming languages. SonarQube provides clear remediation guidance for developers to understand and fix issues and for teams overall to deliver better, safer software.

SonarQube
release-rel-2024-11-1-9470 | Wed Nov 6 17:48:07 PST 2024
9470
release/rel-2024-11-1-9470
Wed Nov 6 17:48:07 PST 2024
AWS