FSAEMFOpenTextMF-FSAE22.2<p>On completion of this course, participants should be able to:</p> <ul> <li>Use Fortify SCA/SSC to correlate, view, and respond to security incidents leveraging Fortify technologies to solve security problems in your applications based on defined topics</li><li>Successfully complete the lessons below in an environment that acts as a production environment.</li></ul><p>This course assumes some familiarity working with Fortify SSC and SCA, basic programming skills, the ability to read Java or .Net, have a basic understanding of web technologies: CI/CD DevOps, plus, having computer, browser, and file system navigation skills</p><p>This course is designed for security champions, administrators who are responsible for deploying and administrating Fortify within their environment; as well as for the Developers and Security Auditors who are taking the first steps toward leveraging the power of Fortify SAST.</p><h5>Module 1:</h5><ul> <li>Fortify SCA and SSC Introduction</li><li>Software Security Center (SSC) Administration</li><li>Scan using Fortify Audit Workbench (AWB), Command-Line, and Scan Wizard</li><li>Utilize Fortify SCA in IDEs (e.g., Eclipse, IntelliJ, Visual Studio (VS), VS Code)</li></ul><h5>Module 2:</h5><ul> <li>Collaborative audit your scan results in AWB and SSC</li><li>Create and analyze your scan results with Filters</li><li>Generate reports and create an Audit Guide</li><li>Read the Analysis Trace</li><li>Recognize noise reduction</li><li>Create a Custom Rule</li></ul><h5>Module 3:</h5><ul> <li>Configure and utilize Audit Assistant</li><li>Utilize Jira for bug tracking</li></ul><h5>Appendix:</h5><p>Topics to be covered on your own and in class (as time allows):</p> <ul> <li>AppSec and SAST overviews</li><li>Fortify SCA process flow in detail</li></ul>On completion of this course, participants should be able to: - Use Fortify SCA/SSC to correlate, view, and respond to security incidents leveraging Fortify technologies to solve security problems in your applications based on defined topics - Successfully complete the lessons below in an environment that acts as a production environment.This course assumes some familiarity working with Fortify SSC and SCA, basic programming skills, the ability to read Java or .Net, have a basic understanding of web technologies: CI/CD DevOps, plus, having computer, browser, and file system navigation skillsThis course is designed for security champions, administrators who are responsible for deploying and administrating Fortify within their environment; as well as for the Developers and Security Auditors who are taking the first steps toward leveraging the power of Fortify SAST.Module 1: - Fortify SCA and SSC Introduction - Software Security Center (SSC) Administration - Scan using Fortify Audit Workbench (AWB), Command-Line, and Scan Wizard - Utilize Fortify SCA in IDEs (e.g., Eclipse, IntelliJ, Visual Studio (VS), VS Code) Module 2: - Collaborative audit your scan results in AWB and SSC - Create and analyze your scan results with Filters - Generate reports and create an Audit Guide - Read the Analysis Trace - Recognize noise reduction - Create a Custom Rule Module 3: - Configure and utilize Audit Assistant - Utilize Jira for bug tracking Appendix: Topics to be covered on your own and in class (as time allows): - AppSec and SAST overviews - Fortify SCA process flow in detail3 days2400.00