Preparing for the Fortify Vulnerability Integration

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 2분

    • A successful Fortify Vulnerability Integration requires planning and the execution of pre-integration tasks. Prepare for the integration by performing these tasks. The Fortify Vulnerability Integration assumes that you are familiar with the Fortify product and API.

    시작하기 전에

    The Common Weakness Enumeration (CWE) integration is also used by Application Vulnerability Response and should be running prior to installing and configuring the Fortify Vulnerability Integration.
    주:
    NIST Vulnerability Database (NVD) data is not necessary to install the Fortify Vulnerability Integration, however they provide enrichment and would be useful to have.

    For information on NVD, see Importing data with the NVD and CWE integrations and managing third-party libraries.

    There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.

    Role required: App-Sec Manager

    이 태스크 정보

    주:
    Before running the integration, make any necessary configuration change based on your requirements.
    Validate your instance sizing based on the number of application vulnerable items you expect to import. An undersized instance can lead to long load times. If you do not know the size of your instance, contact Customer Service and Support.

    The Fortify Vulnerability Integration requires an API Key, API Secret, and API root URL, available from your Fortify on Demand account.

    프로시저

    To create an API Secret Key:
    1. Log in to your Fortify on Demand portal.
    2. Navigate to All > Administration > Setting > API.
    3. Add ServiceNow as an application.
    4. Click New Secret to generate an API Secret.
    5. Record your API Secret for later use.