fcli is a command-line utility for interacting with various Fortify products

Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more

Communicate with Fortify Software Security Center through REST API in java, a swagger generated client

Templates to integrate Fortify application security testing with Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI)

Fortify Software Security JavaScript sandbox

Example of a plugin that can parse non-Fortify security scan results and import them into Fortify Software Security Center.

Plugin API to develop plugin for Fortify Security Center

SSC parser plugin for SARIF input files

Ligoj plugin for Fortify : issues and rate

Libraries used by various Fortify tools, not meant for 3rd-party use

Utility to synchronize FoD releases and scan results to SSC

Fortify SSC Parser Plugin for OWASP Dependency Check results

Generic utility classes for implementing SSC parser plugins

Fortify SSC Parser Plugin for BURP Suite

Generic Fortify SSC parser plugin for CycloneDX SBOM. For Debricked, please use the Debricked-branded plugin available at https://github.com/fortify/fortify-ssc-parser-debricked-cyclonedx

Fortify SSC Parser Plugin for Tenable.io Container Security results

Fortify API is a Python RESTFul API client module for Fortify's Software Security Center

Checks HP Fortify for projects and project versions. If the project doesn't exist, then the task is capable of creating the project and an initial version. If the project version doesn't exist, then the task is capable of creating the version and also capable of copying issues/suppressions from previous versions.

Microfocus Fortify Parser for importing Sonatype IQ Server scan results

Alternative sample parser implementation