Course Description

 

This course provides participants with demonstrations and hands-on activities using a practical, solutions-based approach to identify and mitigate today’s most common business security risks to applications. As a student, you will learn to scan, assess, and secure applications using the Fortify Static Code Analyzer (SCA) and Software Security Center (SSC). This course includes hands-on activities to:

 Successfully run static code application scans and analyze the scan results

 Identify security vulnerabilities from scan results and SmartView

 Find, categorize, and remediate security vulnerabilities found in the code

 Utilize the Fortify Plugins Eclipse and Security Assistant

 Manage applications, Audit Assistant, and bug tracking within the Software Security Center (SSC)

Audience/Job Roles

This course is intended for application developers who are new to or have been using the Fortify SCA and/or SSC to develop secure applications. It is also useful for development managers, security-focused QA testers, and security experts.

Course Objectives

Upon successful completion of this course, you should be able to:

 Scan applications thoroughly and correctly in Fortify

 Assess raw scan results to create a prioritized list of high-impact security findings

 Correctly and efficiently remediate validated security findings

 Utilize the bug tracking capabilities

 Utilize the Audit Assistant feature in the SSC

 Manage projects to ensure good processes

Prerequisites/Recommended Skills

To be successful in this course, you should have the following prerequisites or knowledge:

Basic programming skills (able to read Java, C/C++, or .NET)

Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)

 Knowledge of Web and Application development practices

Experience developing and/or managing software development for security

 Have an understanding of your organization’s compliance requirements

Certification Path

 Fortify SCA/SSC Practical Exam ID: HP0-M214P