Fortify for GitLab

Supported Products

Integrate Fortify static application security testing into your GitLab CI/CD pipeline. The integration uses the Fortify CI Tools container image, which is publicly available on Docker Hub and works with a variety of systems, including the runner-based implementations that GitLab uses.

Fortify on Demand SAST

Perform a comprehensive Static Application Security Testing (SAST) assessment using Fortify on Demand (FoD). The fortify-sast-fod.yml template uses the Fortify ScanCentral client to prepare a zip file of the project source code and dependencies, and then invokes the FoDUploader utility to start a SAST scan in Fortify on Demand using the prepared payload.


Fortify ScanCentral SAST

Perform a comprehensive Static Application Security Testing (SAST) assessment using your on-premises Fortify ScanCentral environment. The fortify-sast-scancentral.yml template uses the Fortify ScanCentral client to prepare a zip file of the project source code and dependencies and then start a SAST scan in Fortify Software Security Center/ScanCentral using the prepared payload.

Resources
Fortify Integrations - GitLab

About GitLab

GitLab is one of the most popular source control management platforms, and it recently augmented its DevOps capabilities with native CI/CD pipeline functionality. GitLab CI/CD is part of both the open source GitLab Community Edition and the proprietary GitLab Enterprise Edition.

GitLab
release-rel-2021-5-1-6194 | Wed May 5 23:32:16 PDT 2021