Versions Compared

Old Version 32

changes.mady.by.user user-50d80

Saved on

compared with

New Version Current

changes.mady.by.user Anna Stuchlik

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • CERT C
  • CERT C++
  • CWE
  • CWE Top 25 Most Dangerous Software Errors
  • CWE on the Cusp
  • OWASP Top 10
  • OWASP API Security Top 10

Each organization has different security requirements and environments. This guide is intended to help you set up and execute the security solution under the following scenario:

...

We recognize that each organization is at a different point in their security compliance initiative. You may be using following this guide in your organization, for instance, while building as you build the dev/test infrastructure, for instance, while others are much further along in their development journey. The Prerequisites section describes assumptions we make in this guide regarding the state of your dev/test infrastructure deployment.

...

The Security Compliance Pack includes a default profile for each set of guidelines. Profiles indicate which checkers were expected in the analysis, which tool ran the checkers, and other details, that are included in dashboard widgets and reports.You  You can create additional profiles and modify the list of checkers to change the scope of the expected results—add additional checkers to the profile, for example, to understand how the current build would perform if analysis ran with the additional checkers.

...

The Parasoft Multi-Language Pack is available in the marketplace on the Parasoft customer portal.

DTP and Enterprise Pack 2021.1

Standards

  • CERT C
  • CERT C++
  • CWE List Version 4.4
  • CWE Top 25
  • CWE Top 25 + On the Cusp
  • UL 2900
  • OWASP Top 10
  • OWASP API Security Top 10 2019
  • PCI DSS 3.2

Parasoft tools

  • C/C++test 2021.1 (all editions)
  • dotTEST 2021.1
  • Jtest 2021.1

Continuous integration

Parasoft can report static analysis violations in the following CI systems:

  • Bamboo 5.14 +
  • Jenkins 1.625.1 +
  • TeamCity 2017.1.2 +
  • Microsoft Azure DevOps 

Refer to the Parasoft Findings documentation for details.

You can integrate with other CI systems using the command line interface.

Source control

Refer to the tool documentation for supported SCMs:

DTP and Enterprise Pack 2020.2

Standards

  • CERT C
  • CERT C++
  • CWE List Version 4.0
  • CWE Top 25
  • CWE Top 25 + On the Cusp
  • UL 2900
  • OWASP Top 10
  • PCI DSS 3.2

Parasoft tools

  • C/C++test 2020.2 (all editions)
  • dotTEST 2020.2
  • Jtest 2020.2

Continuous integration

Parasoft can report static analysis violations in the following CI systems:

  • Bamboo 5.14 +
  • Jenkins 1.625.1 +
  • TeamCity 2017.1.2 +
  • Microsoft Azure DevOps 

Refer to the Parasoft Findings documentation for details.

You can integrate with other CI systems using the command line interface.

Source control

Refer to the tool documentation for supported SCMs:

DTP and Enterprise Pack 2020.1

...