Fortify SAST Essentials (FSAE) 22.2

 

Course Overview

Fortify SAST is the Fortify SCA application security testing product suite is comprised of Software Security Center (SSC), Audit Workbench (AWB), Audit Assistant, and much more; along with Fortify plugins for your IDEs and Bug Tracking as supporting technologies that you can use in conjunction with Fortify SCA and SSC to secure your applications from potentially dangerous vulnerabilities before they go into production.

This course helps the user to configure and utilize SAST (Static Application Security Testing) into your application development work, as well as in your IDEs, and the SSC platform to include Security early in your development lifecycle. The focus is around providing simple steps to configure Fortify SCA and SSC in a lab environment to showcase the ease of use when statically scanning and auditing your applications for vulnerabilities.

Important notes for the booking of Open Text trainings

Please note that prepayment is required for participation in an Open Text training course. Participation in a training course is possible for 12 months after booking the course. Cancellations are excluded. For further information, please refer to our General Terms and Conditions.

Who should attend

This course is designed for security champions, administrators who are responsible for deploying and administrating Fortify within their environment; as well as for the Developers and Security Auditors who are taking the first steps toward leveraging the power of Fortify SAST.

Prerequisites

This course assumes some familiarity working with Fortify SSC and SCA, basic programming skills, the ability to read Java or .Net, have a basic understanding of web technologies: CI/CD DevOps, plus, having computer, browser, and file system navigation skills

Course Objectives

On completion of this course, participants should be able to:

  • Use Fortify SCA/SSC to correlate, view, and respond to security incidents leveraging Fortify technologies to solve security problems in your applications based on defined topics
  • Successfully complete the lessons below in an environment that acts as a production environment.

Course Content

Module 1:
  • Fortify SCA and SSC Introduction
  • Software Security Center (SSC) Administration
  • Scan using Fortify Audit Workbench (AWB), Command-Line, and Scan Wizard
  • Utilize Fortify SCA in IDEs (e.g., Eclipse, IntelliJ, Visual Studio (VS), VS Code)
Module 2:
  • Collaborative audit your scan results in AWB and SSC
  • Create and analyze your scan results with Filters
  • Generate reports and create an Audit Guide
  • Read the Analysis Trace
  • Recognize noise reduction
  • Create a Custom Rule
Module 3:
  • Configure and utilize Audit Assistant
  • Utilize Jira for bug tracking
Appendix:

Topics to be covered on your own and in class (as time allows):

  • AppSec and SAST overviews
  • Fortify SCA process flow in detail

Prices & Delivery methods

Online Training

Duration
3 days

Price
  • 2,400.— € (excl. tax)
    2,856.— € (incl. 19% tax)
Classroom Training

Duration
3 days

Price
  • Germany:
    2,400.— € (excl. tax)
    2,856.— € (incl. 19% tax)
 

Schedule

Guaranteed date:   We will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
Instructor-led Online Training:   Course conducted online in a virtual classroom.

English

European Time Zones

Online Training Time zone: Central European Time (CET) Course language: English
Online Training Time zone: Central European Time (CET) Course language: English Guaranteed date!
Online Training Time zone: Central European Time (CET) Course language: English
Online Training 4 days Time zone: Central European Time (CET) Course language: English
Online Training Time zone: Central European Summer Time (CEST) Course language: English
Online Training 4 days Time zone: Central European Summer Time (CEST) Course language: English
Online Training Time zone: Central European Summer Time (CEST) Course language: English
Online Training 4 days Time zone: Central European Summer Time (CEST) Course language: English