This course provides participants with demonstrations and hands-on activities using a practical, solutions-based approach to identify and mitigate today’s most common business security risks to applications. As a students, you will learn to scan, assess and secure applications using the Fortify Static Code Analyzer (SCA) and Software Security Center (SSC). This course includes hands-on activities to:

  • Identify security vulnerabilities within Fortify SCA
  • Exploit vulnerabilities in a sample application
  • Remediate security vulnerabilities, including the OWASP Top 10
  • Update and edit Rulepacks
  • Manage applications’ security issues with Fortify SSC


Audience/Job Roles

This course is intended for application developers who are new to or have been using the Fortify SCA and/or SSC to develop secure applications. It is also useful for development managers, security-focused QA testers, and security experts.

Delegates will learn how to

Upon successful completion of this course, you should be able to:

  • Scan applications thoroughly and correctly in Fortify
  • Assess raw scan results to create a prioritized list of high-impact security findings
  • Correctly and efficiently remediate validated security findings
  • Manage security goals to ensure good progress
  • Integrate Fortify products with current SDLC best practices