Support via Micro Focus Software Support, with a ticket filed against the associated product.
Micro Focus offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by Micro Focus of the Micro Focus community.
Micro Focus Community Content is provided by Micro Focus for the benefit of customers, support for it is not available via Micro Focus Software Support but through specific community content forums.
Community Contributed Content is provided by Micro Focus customers and supported by them.
Compliment you SaST, DaST and IaST finding in SSC with Open Source security data from Sonatype's Nexus Lifecycle solution, powered by Nexus Intelligence, to get a complete, 360 degree view of your applications security posture.
Sonatype's Nexus Lifecycle is an open source Software Supply Chain Governance platform that allows organizations to precisely identify and reduce risk from the use of open source software without introducing false positives. This integration service and parser plugin can automatically publish results to Fortify Software Security Center (SSC) providing a consolidated view of vulnerable component findings alongside your SaAST, DaST and IaST findings. This Nexus Lifecycle integration accomplishes this by:
This plugin is free for all Sonatype Nexus Lifecycle customers.
The plugin parser and integration were developed and tested against 18.10 and 18.20 of the Fortify SSC product
Fixed issue where all vulns were coming in as Vulnerable OSS with a CVE number attached. Added a 'recommended version' to the remediation guidance
This is the initial release of Sonatype's Nexus Lifecycle integration for Fortify SSC. Complete documentation can be found in the bundle.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox