Uploading Scan Artifacts

The following procedure describes how to upload your scan artifacts to the Fortify Software Security Center database. For information about how to submit training metadata to Fortify Audit AssistantClosedAn optional tool used to connect Fortify Software Security Center to Fortify Scan Analytics. Audit Assistant (through Fortify Scan Analytics) helps determine whether the issues returned from Fortify Static Code Analyzer scan results represent true vulnerabilities, or are false positives., see Submitting Training Data to Audit Assistant.

Important!  The files you upload to Fortify Software Security Center must not exceed 2GB.

Note: If a scan artifactClosedAny type of file containing information or tasks pertinent to the secure development of an application version. Scan artifacts are used only in Fortify Software Security Center applications. requires approval based on analysis result processing rules, it must be approved before it can be processed. For information, see Approving Analysis Results for an Application Version.

To upload a scan artifact to the Fortify Software Security Center database:

  1. On the Dashboard or Applications view, move your cursor to the application versionClosedA particular iteration of the analysis of a codebase as it applies to Fortify Software Security Center. An application always begins with a first version. An administrator adds new versions, as needed. for which you want to upload an artifact, and then select Artifacts from the shortcut menu.

  2. The ARTIFACT HISTORY table lists all scan artifacts uploaded for the applicationClosedA customer codebase evaluated by Fortify software. The top-level container for one or more application versions. When you work with a new codebase, the application and first application version are automatically created. An application includes one or more application versions that users create and configure. version.

  3. Click ARTIFACT.

    The UPLOAD ARTIFACT dialog box opens.

  4. Click + ADD FILES.

  5. Navigate to and select one or more (up to five) artifact files to upload.

    Formats supported for artifact upload are FPR, XML, and, for third-party artifacts, ZIP.

    The UPLOAD ARTIFACT dialog box lists the selected files.

  6. To remove a file from the list, click the trash icon for that file.

  7. To remove all of the listed files, click CLEAR.

  8. After the list shows all of the files that you want to upload, click START UPLOAD.

    The dialog box displays a green progress bar as each file is uploaded.

  9. After your files are successfully uploaded, click CLOSE.

Viewing File Processing Errors

If there was an error in processing an uploaded artifact, the Status column of the ARTIFACT HISTORY table displays Error Processing, along with a circled number that indicates the number of processing rules violated.

To view information about the processing rules violated:

The Artifact Processing Messages box opens to display details about problems encountered during the upload.

See Also

Using an Application Identifier to Upload FPR Files

Using an Application Name and Version to Upload FPR Files

Downloading Scan Artifacts

Deleting Artifacts

Setting Analysis Results Processing Rules for Application Versions

About Auditing