Scan Issues | VA Software Assurance

Skip to main content

VA Software Assurance

Home
Fortify
CodeQL
- CodeQL Usage
- CodeQL Errors
Snyk
- Snyk Usage
- Snyk Errors
Threat Modeling

This site uses Just the Docs, a documentation theme for Jekyll.

Fortify
Scan Issues

These technical notes provide information on issues that may be reported against running Fortify correctly:

Table of contents

Audit was not performed within Fortify
Buildable source not delivered
Cannot determine what source code provided corresponds to source code scanned
Code broken into a large number of FPR files
Code not scanned
Code scanned but not delivered
Command or options used for translation phase not provided
Default analysis tags not used
Default rulepacks were not used during scan
Delivered scan does not match previous submissions
Errors during scan
Hidden and suppressed Issues
Incorrect submission materials potentially provided
Issues not audited
Minified JavaScript Not Scanned
Old version of Fortify used during scan
Old version of rulepacks used during scan
Quick scan mode used
Removed Findings
Scan was not performed correctly
Scanned source differs from provided source
Speed Dial Used
Unable to extract source code from FPR files

GitHub at VA (part of VA OIT)
All content is available under Creative Commons Zero v1.0 Universal, except where otherwise stated.