Micro Focus have integrated Secure Code Warrior® into two of their products:
- Fortify On Demand (FoD) - Cloud SAST tool
- Fortify Software Security Center (SSC) - On-premises SAST tool
Fortify On-Demand (FoD)
No configuration to enable this is needed. Users can access training by following these steps:
- Drill down into Applications → Releases and choose an issue to view
- Choose the Recommendations tab
- From the Recommendations tab, scroll down to Interactive Training and click the Launch Training link
Fortify Software Security Center (SSC)
Appsec Training needs to be enabled in the Administration settings as described below:
- On the Fortify header, select Administration
- In the left panel, select Configuration, and then select AppSec Training
- On the AppSec Training page, leave the Enable Training check box selected
- To determine whether your online training vendor has integrated with Fortify Software Security Center and to obtain the corresponding training URL, contact Micro Focus Fortify Customer Support (https://softwaresupport.softwaregrp.com).
- In the Training URL box, type your application security training URL as https://integration-api.securecodewarrior.com/partner.
- Click Save
Once everything is properly enabled, Secure Code Warrior can be accessed by following these instructions:
- In the Audit view of a Security issue in the Software Security Center, the Get Training link will open a training module on the issue if it's mapped from Fortify to Secure Code Warrior.
Video Demonstration on Fortify Implementations:
Tip: Fortify on-demand piece starts at 6:35