Fortify on Demand

Jenkins Plugins Build Status

Fortify on Demand is a Software as a Service (SaaS) solution that enables your organization to easily and quickly build and expand a Software Security Assurance program. The Fortify on Demand Jenkins Plugin enables users to perform Static Application Security Testing (SAST) and Dynamic Applicaton Security Testing (DAST) from Jenkins. This plugin features the following tasks:

  • Run a static assessment for each build triggered by Jenkins.
  • Run a DAST Automated assessment for each build triggered by Jenkins.
  • Poll for scan status and scan results.

This plugin requires a Fortify on Demand account. For more information on Fortify on Demand and to request a free trial, see https://www.opentext.com/products/fortify-on-demand.

More Information

Changelog: https://github.com/jenkinsci/fortify-on-demand-uploader-plugin/blob/master/CHANGELOG.md
Usage instructions: https://www.microfocus.com/documentation/fortify-on-demand-jenkins-plugin/

Limitations

  • Fortify on Demand Jenkins Plugin 8.0 supports up to Jenkins version 2.346.1. Some UI components, including application and release fields, do not load in versions greater than 2.346.1.
  • The 2.0.9 (Obsolete) plugin version is slow to populate the pull down menu's in Redhat 7 machines. Please wait a minute or two and the first field should populate.