Fortify Software Security Research (SSR) is pleased to announce the immediate availability of updates to Fortify Secure Coding Rulepacks (English language, version 2018.4.0), Fortify WebInspect SecureBase (available via SmartUpdate), Fortify Application Defender, and Fortify Premium Content.
The Micro Focus Fortify Software Security Research team translates cutting-edge research into security intelligence that powers the Micro Focus Security Products Portfolio. Highlights in this Release Announcement include:
Micro Focus Fortify Secure Coding Rulepacks [SCA]
With this release, the Fortify Secure Coding Rulepacks detect 789 unique categories of vulnerabilities across 25 programming languages and span over one million individual APIs. In summary, the release includes the following:
Fortify SecureBase combines checks for thousands of vulnerabilities with policies that guide users in the following updates available immediately via SmartUpdate:
Access Control: Authorization Bypass
Dynamic Code Evaluation: Code Injection
DISA STIG 4.8
PCI DSS 3.2.1
New policy to include checks relevant to DISA STIG 4.8.
New policy for WebSocket related vulnerabilities.
Micro Focus Fortify Premium Content
The research team builds, extends, and maintains a variety of resources outside our core security intelligence products.
DISA STIG 4.8 reports [i]
To accompany the new correlations, this release also contains a new report bundle for Fortify SSC with support for DISA STIG 4.8, which is available for download from the Fortify Customer Support Portal under Premium Content.
PCI DSS 3.2.1 [i]
To accompany the new correlations, this release also contains a new report bundle for Fortify SSC with support for PCI DSS 3.2.1, which is available for download from the Fortify Customer Portal under Premium Content.
Customers looking for the legacy site, with the last supported update, may obtain it from the Micro Focus Fortify Support Portal.
Details are available in the attached release letter along with specific feature requirements. We hope that you continue to find our products helpful and we welcome any feedback. If you have any questions, please don’t hesitate to contact us.