Integrate Fortify static application security testing into your GitLab CI/CD pipeline. This uses the Fortify CI Tools container image that is publicly available on Docker Hub and can be used with a variety of systems, including the runner-based implementations that GitLab uses.
Perform a comprehensive Static Application Security Testing (SAST) assessment using Fortify on Demand (FoD). The fortify-sast-fod.yml template uses the Fortify ScanCentral client to prepare a zip file of the project source code and dependencies, and then invokes the FoDUploader utility to start a SAST scan in Fortify on Demand using the prepared payload.
Perform a comprehensive Static Application Security Testing (SAST) assessment using your on-premises Fortify ScanCentral environment. The fortify-sast-scancentral.yml template uses the Fortify ScanCentral client to prepare a zip file of the project source code and dependencies and then start a SAST scan in Fortify Software Security Center/ScanCentral using the prepared payload.
GitLab is one of the most popular source control management platforms and recently they augmented their DevOps capabilities to add native CI/CD pipeline functionality. GitLab CI/CD is a part of both the open source GitLab Community Edition and the proprietary GitLab Enterprise Edition