Fortify Other | VA Software Assurance

Skip to main content

VA Software Assurance

Home
Fortify
CodeQL
- CodeQL Usage
- CodeQL Errors
Snyk
- Snyk Usage
- Snyk Errors
Threat Modeling

This site uses Just the Docs, a documentation theme for Jekyll.

Fortify
Fortify Other

These technical notes provide information on Fortify issues not covered in other sections:

Table of contents

How do I know if my application should be subject to code review
How is the Fortify license managed
How secure code review is different than exploit development
How to interpret remediation estimates
How to know if a database should be trusted
How to know if configuration files should be trusted
How to know if external input should be trusted
How to know if it is safe to log sensitive information to a file
How to Validate a V&V secure code review package
Insecure Transport - Mail Transmission findings
Secure Coding Resources
What are some recommended libraries for securing code
Why do I need to do code review if my environment is secure

GitHub at VA (part of VA OIT)
All content is available under Creative Commons Zero v1.0 Universal, except where otherwise stated.