Select the protocol for the connection (HTTPS or HTTP) (Default: HTTPS)
Fortify on Demand
Table of Contents
Supported methods
The integration supports the following:
-
File Upload: The supported file formats are FVDL and FPR.
-
Remote Connection: Download scan results using Fortify on Demand web services.
Configuration options are detailed below.
Configuration
Connection details
Enter the connection details for the server.
Protocol |
|
|---|---|
Server |
The domain name or IP address of the server, such as |
Context Root |
Top-level location where Fortify on Demand is installed on a server. The value for this may be dependent on the configuration of an internal corporate proxy, or where an administrator has installed Fortify on Demand. |
Tenant Name |
The name assigned to your organization by Fortify on Demand |
Credentials
Enter the credentials needed to authenticate to the server. The connection supports Basic Authentication.
Basic Authentication
Username |
Username authorized to connect with the server. This user should be able to download scan results for any anticipated project. |
|---|---|
Password/Personal Access Token |
The password used to authenticate to the server. If a personal access token is used, then it must have at least view-apps and view-issues api scope. |
Synchronization
Enter details about connecting to the server.
This Verification server is hosted within a private network and cannot be reached directly by SD Elements. |
Select this option if SD Elements does not have direct network access to the Fortify on Demand server. For example, if you are using a hosted SD Elements instance but you want to integrate with an internal/protected Fortify on Demand system, choose this option and run the Remote Integration Agent to perform integration. |
|---|
Advanced options
Enter advanced configuration options.
Bypass server certificate validation for HTTPS (insecure, only for testing purposes) |
Check this option if you need to test a connection without the proper SSL/TLS certificates. |
|---|
Sync frequency
Select how frequently SD Elements should retrieve scan results from the server. You can choose from the following options. The more frequently you run an import, the greater the performance impact on both SD Elements and the server. This is generally only a concern for large organizations running many imports at once.
Hourly, Daily, Weekly, or Monthly |
The projects will import scan results automatically every hour, day, week or month. Daily import is typically sufficient. However, you may want to select a more frequent interval if development moves quickly in your organization. |
|---|---|
Manually |
You must click the Import button on the Verification Integrations page to import the results. This is the default value. |
Project details
Enter the information required to import scan results from a Fortify on Demand project.
Application Name |
The name of the application in Fortify on Demand. |
|---|---|
Release Name |
The version of the application in Fortify on Demand. |