Getting a Fortify Scan Analytics Authentication Token

To integrate with Audit AssistantAn optional tool used to connect Fortify Software Security Center to Fortify Scan Analytics. Audit Assistant (through Fortify Scan Analytics) helps determine whether the issues returned from Fortify Static Code Analyzer scan results represent true vulnerabilities, or are false positives., you must first obtain a Fortify Scan AnalyticsAn application that helps you to determine which of the issues returned in Fortify Static Code Analyzer scan results represent true vulnerabilities, and which do not. To make its determinations, Scan Analytics needs data to establish a baseline for its audits. This data consists of the decisions users have made during scan audits about how to characterize various issues uncovered in code scans. authentication tokenUnique keys that enable users to automate actions within Fortify Software Security Center without using passwords. The user requests a token, authenticates to the Fortify Software Security Center server, and receives back a string that is permissioned for a small set of time-limited actions. Fortify Scan Analytics also generates authentication tokens that are required to configure a connection between Scan Analytics and Fortify Software Security Center..

To obtain a Fortify Scan Analytics authenticationIdentity verification, typically with passwords. Authentication precedes authorization. token:

1. Log on to Fortify Scan Analytics (https://analytics.fortify.com).
2. On the Fortify header, select ADMINISTRATION, and then select TOKENS.
3. On the Tokens page, click +ADD.
4. In the Name box, type a name for the token to generate.

5. Click SAVE.

   The Tokens page lists the new token.

6. To the right of the token name, click the view icon ().

   The Token window opens.

7. Select and copy the token text, and then click CLOSE.

Use the copied token to configure the integration with Audit Assistant. (See Configuring Audit Assistant.)