fortify – Page 2 – WindowsTechs.com

Safely load a pickle file?

Posted on April 18, 2018 by Pro

In our Python app, we are using pickle.load to load a file named perceptron.pkl. A HP Fortify static scan raises a high vulnerability, “Dynamic Code Evaluation – Unsafe Pickle Deserialization”, at the same line.

How can I re… Continue reading Safely load a pickle file?→

Fortify HP AppScan Checkmarx SAST [on hold]

Posted on February 21, 2018 by Gaetano Fortify

Is there a scientific study / link that compares these three SAST solutions (Fortify, AppScan Source, Checkmarx) in relation with some kind of Benchmark (OWASP Benchmark for example) ?

Continue reading Fortify HP AppScan Checkmarx SAST [on hold]→

Fortify and third-party libraries

Posted on July 5, 2017 by developer_117

I am trying to understand in the new version of Fortify SCA 17.10, why the scan defaults to excluding third-party libraries? I found this article and it seems any open source library you use, it would be in your best interest… Continue reading Fortify and third-party libraries→

HP Fortify scan automation

Posted on April 18, 2017 by MedAl

I am asked to integrate the code audit tool HP Fortify in our development process, but the main constraint about it is that the whole code should not be scanned every time: only the classes impacted by the last backlog item s… Continue reading HP Fortify scan automation→