Using SCA (Build Monitor)

Learn how to efficiently use Fortify SCA Build Monitor, configure it, optimize scan settings, and automate the compilation process. Practice hands-on commands and streamline your code analysis workflow.

salcido

Presentation Transcript


  1. Using SCA (Build Monitor)

  2. Using SCA • In this course, you will learn: • How to use Fortify SCA Build Monitor

  3. Using SCA Build Monitor • System Requirements • Using Build Monitor • Using Build Monitor in Command Line • Configuring Build Monitor

  4. System Requirements • Windows 2000/2003/XP/Vista • .NET 1.1 (Build Monitor itself is written in .NET 1.1)

  5. Using SCA Build Monitor • System Requirements • Using Build Monitor • Using Build Monitor in Command Line • Configuring Build Monitor

  6. Using Build Monitor • From Program Files

  7. Start Monitor

  8. Start Monitor

  9. Compile Your Code • Start the compilation process, for example from your IDE (it doesn't necessarily have to be Visual Studio).

  10. When the compiler is running • Build Monitor checks system processes at runtime and intercepts all "compiler"-like processes.

  11. Build Done • Click "Build Done" when compilation has finished successfully.

  12. Analyzing source files • Then click "Scan"; Build Monitor will then run the SCA scan phase.

  13. Audit Workbench • When the scan has finished, Build Monitor will open Audit Workbench automatically.

  14. Using SCA Build Monitor • System Requirements • Using Build Monitor • Using Build Monitor in Command Line • Configuring Build Monitor

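  15. BuildMonitor.exe

      REM Replace every <<<...>>> placeholder before running.
      SET BMON_HOME=<<<SCA_PATH>>>\Core\private-bin\sca
      SET BUILD_ID=<<<YOUR BUILD ID>>>
      REM Clear any earlier data stored under this build ID.
      sourceanalyzer -b %BUILD_ID% -clean
      REM Launch Build Monitor with -c sca before the build starts.
      pushd "%BMON_HOME%"
      start /D"%BMON_HOME%" buildmonitor.exe -b %BUILD_ID% -c sca
      popd
      sleep 5
      <<<YOUR BUILD SCRIPT HERE>>>
      sleep 5
      REM Signal Build Monitor with -c stop once the build has finished.
      pushd "%BMON_HOME%"
      start /D"%BMON_HOME%" buildmonitor.exe -b %BUILD_ID% -c stop
      popd
      REM Run the scan phase and write the results to an FPR file.
      sourceanalyzer -b %BUILD_ID% -scan -f "%BUILD_ID%.fpr"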

  16. Using SCA Build Monitor • System Requirements • Using Build Monitor • Using Build Monitor in Command Line • Configuring Build Monitor

  17. Scan Settings • Set up max memory • Preview Scan Phase Command • Select rulepack (default is all) • Monitor all user processes or current user processes only

  18. Set Results Folder • Default is "Desktop"

  19. Build Monitor Config file • <SCA_Install_Path>\Core\Config\buildmonitor.conf • By default, we only monitor 10 process names; if your compiler name is not one of those, you may need to modify the config file:

      [Target Processes]
      gcc.exe
      g++.exe
      ld.exe
      ar.exe
      cl.exe
      link.exe
      armcc.exe
      armcpp.exe
      tcc.exe
      tcpp.exe
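
Because only the listed process names are monitored, it helps to compare a build's tool names against `[Target Processes]` before relying on the scan. The check below is an added example, not part of the original presentation or of Fortify's tooling; the one-name-per-line layout, the comment markers and the sample tool list are assumptions.

```python
# Added example: pre-build check of Build Monitor's process-name list.
# Assumption: buildmonitor.conf holds one process name per line under a
# "[Target Processes]" header, as the excerpt on the slide suggests.

# Constructed sample: the ten default names shown on the slide.
SAMPLE_CONF = "[Target Processes]\n" + "\n".join(
    "gcc.exe g++.exe ld.exe ar.exe cl.exe link.exe "
    "armcc.exe armcpp.exe tcc.exe tcpp.exe".split()) + "\n"


def target_processes(conf_text):
    """Return the lower-cased names listed under [Target Processes]."""
    names, in_section = set(), False
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue  # skip blanks and (assumed) comment lines
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "target processes"
            continue
        if in_section:
            names.add(line.lower())  # Windows process names ignore case
    return names


def unmonitored(build_tools, conf_text):
    """Build tools that are not in the monitored list, in input order."""
    monitored = target_processes(conf_text)
    missing = []
    for tool in build_tools:
        # Reduce a full path to the bare executable name.
        name = tool.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if not name.endswith(".exe"):
            name += ".exe"
        if name not in monitored and name not in missing:
            missing.append(name)
    return missing


if __name__ == "__main__":
    # Hypothetical tool list for a build that mixes MSVC and Clang.
    tools = [r"C:\VS\bin\CL.EXE", "link", "clang.exe", "lld-link.exe"]
    for name in unmonitored(tools, SAMPLE_CONF):
        print(f"not in [Target Processes]: {name}")
```

Any name it reports is a candidate for adding to the config file before the build is monitored.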