SAST and DAST scans

  

I have read somewhere that Outsystems uses HP fortify for SAST scans to capture any vulnerabilities. This scan is triggered whenever a build is created. Also I understand that they release security patches as and when new vulnerabilities are captured. 


Is there a way to view the SAT results so that temporary fixes can be made to the application till security patches are released for the captured vulnerabilities. Just don't like not knowing and living with the vulnerabilities for the time between the build creation and security patches release if required.  

Solution

There's a separate thread going on around this . So this can be ignored as duplicate. 


link to thread : https://www.outsystems.com/ideas/5718/hp-fortify-sast-scan-results

Solution