Build better code and secure your software. Use the Fortify VSTS build tasks in your continuous integration builds to identify vulnerabilities in your source code. Fortify Static Code Analyzer (SCA) is the most comprehensive set of software security analyzers that search for violations of security-specific coding rules and guidelines in a variety of languages. The SCA language technology provides rich data that enables the analyzers to pinpoint and prioritize violations so that fixes are fast and accurate. SCA produces analysis information that helps you deliver more secure software, as well as making security code reviews more efficient, consistent, and complete. Its design allows you to quickly incorporate new third-party and customer-specific security rules.
Fortify on Demand delivers application security as a service, providing customers with the security testing, vulnerability management, expertise, and support needed to easily create, supplement, and expand a Software Security Assurance program. Fortify on Demand static assessments consist of a Fortify SCA scan performed and audited by our team of security experts. Fortify on Demand dynamic assessments mimic real-world hacking techniques and attacks using both automated and manual techniques to provide comprehensive analysis of complex Web applications and services. Featuring Fortify WebInspect for automated dynamic scanning, Fortify on Demand provides a full-service experience complete with macro creation for authentication and a full audit of results by our experts to remove false positives and for overall quality.
Extension available via the Microsoft Visual Studio Team Services Marketplace
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox