Integrate Static Application Security Testing (SAST) into your GitHub workflows with Fortify. This GitHub Action sets up the Fortify ScanCentral Client, allowing you to:
- Downloads, extracts and caches the specified version of the Fortify ScanCentral Client zip file
- Adds the Fortify ScanCentral Client bin-directory to the path
These are the most common use cases for this GitHub Action:
- Start a SAST scan on a ScanCentral environment; note that the ScanCentral Controller must be accessible from the GitHub Runner where the workflow is running.
- Start a scan on Fortify on Demand (FoD), utilizing ScanCentral Client for packaging only;