RSS Feed
« Ruby port of Extended Scanner released | Main | .NET Data-bound Web controls & (anti)XSS - Some Considerations »

Fortify Partner ' SCA 5.0 Sneak Peak

Just got through attending a Fortify webinar where J.B. demo'd the latest beta 5.0 version of SCA. Firstly, it was very impressive.

Language support has now been added for classic ASP, COBOL, JavaScript and PHP, along with several new analyzers, a couple of which are interestingly aimed at "deviation" and false path detection.

However, one of the most apparent changes is the continual evolution of Audit Workbench (AWB) from a predominantly result's only /verification tool towards a true one stop "work bench". This includes new "right-click" custom rule generation (complete with slick and more intuitive interface) which will dramatically speed up new rule generation based on what is appearing in the code. Of course, the ability to then easily re-run scans from within AWB follows on nicely to help verify new rule accuracy.

More detail to follow once we get our hands on a 5.0 beta version. The current full 5.0 release timeframe appears to be towards Dec/Jan, - further new feature information can be found on the Fortify site.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
All HTML will be escaped. Hyperlinks will be created for URLs automatically.