Virtual Sessions

All sessions will be showcasing the full overview, but each session includes department experts to answer any questions, see details below. 

These sessions will follow a general format:

• Fortify Introduction (5 minutes)

• Fortify Components overview (5 minutes)

• Session Specific Topics (45 minutes)

• Overview of Available Resources (5 minutes)

Tuesday, June 8, 2021
1:00 PM - 2:00 PM (EDT)
Session 1: Fortify: Administration of SSC and DevOps Integrations
1:00 PM - 2:00 PM

In this session, we will cover the various installation methods and technology stacks available to Software Security Center.

• Administration of Software Security Center

• Integration with various CI servers, tools, and pipeline capabilities

• Best practices in various environments and team configurations

Who should attend: System engineers, DevOps engineers and anyone responsible for installing, configuring, and maintaining Fortify infrastructure

Tuesday, June 22, 2021
1:00 PM - 2:00 PM (EDT)
Session 2: Fortify: SCA Scanning Capabilities
1:00 PM - 2:00 PM

In this session, we will cover the various ways to conduct scans using Fortify Source Code Analyzer (SCA).

• Scanning source code from the command line, Audit Workbench, and various IDE Plugins.

• Using the Fortify Scan Wizard to create scan scripts and automate scans.

• Integrating scans with build tools such as maven, gradle, ant and msbuild.

Who should attend: Developers, DevOps engineers and Security professionals responsible for configuring and executing Fortify scans

Tuesday, July 13, 2021
1:00 PM - 2:00 PM (EDT)
Session 3: Fortify: Security Assistant, Auditing and Remediating issues
1:00 PM - 2:00 PM

In this session, we will cover auditing code using Audit Workbench, Software Security Center, and IDE Plugins.

• How to audit results generated locally, those generated centrally, and the tradeoffs.

• Remediating issues using the IDE plugins and Fortify reports

• Discuss the training capabilities that exist in the Fortify client tools and Software Security Center.

Who should attend: Developers responsible for remediating security issues in code

Tuesday, July 27, 2021
1:00 PM - 2:00 PM (EDT)
Session 4: WebInspect: Capabilities Overview
1:00 PM - 2:00 PM

In this session, we will cover the capabilities of the WebInspect Dynamic Application Security Testing (DAST) Tool.

• Tool capabilities • Scan configuration and authentication

• Macro generation • Auditing and reviewing result

Who should attend: Security Engineers and personnel responsible for running Dynamic Applications Security Tests

Tuesday, August 10, 2021
2:00 PM - 3:00 PM (EDT)
Session 5: Fortify: Best Practices
2:00 PM - 3:00 PM

In this session, we will look at best practices for embedding application security within software development, testing and compliance programs.

Who should attend: Developers, DevOps engineers PMs, and Security professionals responsible for deploying designing and implementing an application security program.

Tuesday, August 31, 2021
2:00 PM - 3:00 PM (EDT)
Session 6: Fortify: GitLab DevOps integrations
2:00 PM - 3:00 PM

In this session, we will look at techniques for integrating Fortify into GitLab DevOps pipelines.

Who should attend: Developers, DevOps engineers and Security professionals responsible for deploying Fortify infrastructure and configuring Fortify scans.

Tuesday, September 14, 2021
2:00 PM - 3:00 PM (EDT)
Session 7: Fortify: Reference Architectures
2:00 PM - 3:00 PM

In this session, we will look at a number of Fortify deployment architectures that can be used to support various common use cases.

Who should attend: Developers, DevOps engineers and Security professionals responsible for deploying Fortify infrastructure.

Tuesday, September 28, 2021
2:00 PM - 3:00 PM (EDT)
Session 8: Fortify: Dynamic Application Security Testing
2:00 PM - 3:00 PM

In this session, we will deep dive the dynamic vulnerability testing capabilities in the Fortify portfolio

Who should attend: Web app vulnerability testers, DevOps engineers and Security professionals responsible for software vulnerability and/or penetration testing.

Tuesday, October 12, 2021
2:00 PM - 3:00 PM (EDT)
Session 9: Fortify: Azure DevOps integrations
2:00 PM - 3:00 PM

In this session, we will look at techniques for integrating Fortify into Azure DevOps pipelines.

Who should attend: Developers, DevOps engineers and Security professionals responsible for deploying Fortify infrastructure and configuring Fortify scans.