Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

193
Views
 Bill Daley (BILLDALEY) US Bank Principal Architect-Software Engineering Manager
US Bank
US
BILLDALEY Member since 2012 9 posts
US Bank
Posted: October 15, 2020
Last activity: October 15, 2020
Posted: 15 Oct 2020 11:02 EDT
Last activity: 15 Oct 2020 13:47 EDT
Closed

Integrating with external code scanners

Report

Our enterprise requires that all application code be reviewed for security vulnerabilities.  It is preferred that code scanning tools like Fortify be used.  Pega code traditionally has not allowed for such tools due to the way code is stored and structured.  When compiled, I know it is ultimately Java code, but it isn't stored in the database in that form.  Due to not having this capability, we are forced to do manual code reviews which takes a lot of time.

Is it possible to allow any external tools to scan Pega code?

If no, is there any plan to move in that direction?

***Edited by Moderator Marissa to update Platform Capability tags****
Pega Platform 8.4 DevOps Data Integration Financial Services Lead System Architect

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice