Filters

CLEAR ALL

Search Results ()

Filter Icon
X

Filter

CLEAR ALL

Products

Categories

Tags

Apply

Search Results ()

Sort By: Recent Plugins
Sort By: Name (A-Z)
Sort By: Name (Z-A)

    All Plugins (172)

    Filter Icon
    Sort By: Recent Plugins
    Sort By: Name (A-Z)
    Sort By: Name (Z-A)
    Sort By: Recent Plugins
    Sort By: Name (A-Z)
    Sort By: Name (Z-A)

    Quick Info

    Product icon
    Product
    DevOps Velocity (HCL Accelerate)
    Plugin type icon
    Type
    plugin
    Compatibility icon
    Compatibility
    HCL DevOps Velocity version 2.0.0 or later
    created by icon
    Created by
    HCL Software
    Website icon
    Website
    Fortify SSC
    Published Date
    March 1st, 2022
    Last Updated
    March 28th, 2024

    Description

    Fortify Software security center (SSC) enables teams with the application security program automation capabilities. It enables to manage, develop, and provide security for the software protection activities.

    Quick Info

    Product icon
    Product
    DevOps Velocity (HCL Accelerate)
    Plugin type icon
    Type
    plugin
    Compatibility icon
    Compatibility
    HCL DevOps Velocity version 2.0.0 or later
    created by icon
    Created by
    HCL Software
    Website icon
    Website
    Fortify SSC
    Published Date
    March 1st, 2022
    Last Updated
    March 28th, 2024

    ucv-ext-fortify-ssc:1.0.19.tar

    Uploaded: 22-Sep-2022 01:32

    Pull Command

    docker pull hclcr.io/accelerate/ucv-ext-fortify-ssc:1.0.19

    Release Notes

  • Added WorkflowId: Under the hidden properties section of add integration page for the plugin a Workflow ID field is added. This field is optional and can be used to provide WorkflowId - the ID of a Value Stream (VSM )to which the vulnerability data is associated.
    • Download Icon DOWNLOAD

    ucv-ext-fortify-ssc:1.0.18.tar

    Uploaded: 24-Aug-2022 04:49

    Pull Command

    docker pull hclcr.io/accelerate/ucv-ext-fortify-ssc:1.0.18

    Release Notes

  • Resolved Incorrect Count Issue: The count of Critical, High, Low, and Medium level issues in Application Vulnerabilities chart was incorrect in previous version of plugin.
  • Changed Record Name: Previously record name in Application Vulnerabilities chart was equivalent to Application Name + Application version. Now the Application Name part has been removed from record name.
    • Download Icon DOWNLOAD

    ucv-ext-fortify-ssc:1.0.16.tar

    Uploaded: 22-Aug-2022 07:30

    Pull Command

    docker pull hclcr.io/accelerate/ucv-ext-fortify-ssc:1.0.16

    Release Notes

  • Project Names Field Added: The Fortify SSC Plugin was syncing all project data. Added a field to provide a comma separated list of project names to sync data from. Due to a massive no. of projects, plugin was crashing.
  • Removed Manual User Access Key: From current version onwards this plugin will only support Auto Generated User Access Key feature of HCL DevOps Velocity.
  • Initial Sync Date Field Added: Under the hidden properties section of add integration page for Fortify SSC plugin an Initial Sync Date field is added. This field is optional and can be used only for first sync.
    • Download Icon DOWNLOAD

    ucv-ext-fortify-ssc:1.0.7.tar

    Uploaded: 08-Jun-2022 06:55

    Pull Command

    docker pull hclcr.io/accelerate/ucv-ext-fortify-ssc:1.0.7

    Release Notes

  • Reduced whitesource vulnerabilities
    • Download Icon DOWNLOAD

    ucv-ext-fortify-ssc:1.0.1.tar

    Uploaded: 24-Jan-2022 15:41

    Pull Command

    docker pull hclcr.io/accelerate/ucv-ext-fortify-ssc:1.0.1

    Release Notes

  • Initial Release
    • Download Icon DOWNLOAD

    Summary

    Fortify Software security center (SSC) is a centralized management repository producing transparency to team’s full range of application security functionality for rectifying security threats across software platforms.

    Usage

    To use the Fortify SSC server plugin, the plugin must be loaded and an instance created before you can configure the plugin integration. You define configuration properties in the user interface.

    Integration type

    The Fortify SSC plugin supports scheduled events integration which is listed in the following table.

    Scheduled events
    Name Description
    fortifyScheduledEvents The Fortify SSC plug-in processes incoming data from the Fortify SSC server.

    Integration

    Use the user interface to integrate the plugin.

    1. From the Plugins page, click Settings > Integrations > Plugins.
    2. Under the Action column for the plugin, click Add Integration.
    3. On the Add Integration page enter the values for the fields used to configure the integration and define communication.
    4. Click Save.

    See Configuration properties topic for the properties used to define the integration.

    Configuration properties

    The following tables describe the properties used to configure the integration.

    • The General Configuration Properties table describes configuration properties used by all plugin integrations.
    • The Fortify SSC Configuration Properties table describes the configuration properties that define the connection and communications with the Fortify server.

    Some properties might not be displayed in the user interface, to see all properties enable the Show Hidden Properties field.

    General Configuration properties
    Name Description Required Property Name
    NA The version of the plugin that you want to use. To view available versions, click the Version History tab. If a value is not specified, the latest version is used. No image
    Integration Name An assigned name to the value stream. Yes name
    Logging Level The level of Log4j messages to display in the log file. Valid values are: all, debug, info, warn, error, fatal, off, and trace. No loggingLevel
    NA List of configuration properties used to connect and communicate with the Redmine server. Enclose the properties within braces. Yes properties
    The name of the tenant. Yes tenant_id
    NA Unique identifier assigned to the plugin. The value for the Redmine plugin is ucv-ext-fortify-ssc. Yes type
    HCL DevOps Velocity User Access Key The auto-generated User Access Key that the containerized plugin will use to communicate with HCL DevOps Velocity (support starts with plugin v2.0.30 or later). Yes ucvAccessKey
    Fortify SSC Properties
    Name Type Description Required
    URL String The URL of the Fortify SSC server. Yes
    token String The API key to authenticate with the Fortify SSC server. Yes
    Initial sync date String The date to pull data for the initial run. No
    User Access Key Secure The user access key to authenticate with HCL DevOps Velocity server, prior to version 2.4.0. No
    Project Names Array Comma separated list of project names to sync data. If kept empty, syncs all projects data. No
    Workflow Id String The value stream that this metric is associated. No