
Add Fortify on Demand (FoD) SAST template

Ruud Senden requested to merge rsenden/gitlab:rsenden-master-patch-48409 into master

What does this MR do and why?

Add a template for running SAST scans with Fortify on Demand (FoD).

Screenshots or screen recordings

See https://gitlab.com/Fortify/example-eightball/-/jobs/1901945546 for a sample run with this template (also see images below).



See https://gitlab.com/Fortify/example-eightball/-/security/vulnerability_report for the sample vulnerabilities generated by this template (also see images below).



How to set up and validate locally

This template can only be used by existing Fortify on Demand customers. Mike LeBeau and Matt Wilson from GitLab have seen this template in action during a Teams meeting on April 27th.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
