Fortify for Snyk

Fortify SSC integration in Snyk

Integrate the Snyk plugin with Micro Focus Fortify Software Security Center (Fortify SSC) and obtain a unified view of your open source security vulnerabilities.

Combining the two sources provides a more accurate view of the overall application portfolio security posture, and also naturally tracks that posture over time as vulnerabilities are fixed or introduced.

The Snyk parser plugin converts your Snyk scan results into a format that Fortify SSC can read and display.

Snyk analysis results in Fortify SSC

The Snyk plugin parses scan results from Snyk and feeds them into Fortify SSC, so you can view, monitor and manage your open source vulnerabilities in a single view.

To display Snyk data from the Fortify app:

  • The user runs a Snyk scan on a project from the CLI, generating a .json report.
  • The user uploads the report to Fortify SSC.
  • The plugin parses the results and feeds them to Fortify for the application project.
  • The Snyk scan results are displayed in Fortify, and the user can view and track the data from the Fortify SSC app user interface (UI).

About Snyk

Snyk helps organizations find and fix vulnerabilities in open source dependencies and container images. Snyk’s unique combination of developer-first tooling and best-in-class security depth enables businesses to easily build security into their continuous development process.

release-rel-2020-10-1-5313 | Wed Oct 14 18:06:08 PDT 2020