Vulnerability count inconsistencies on FoD FPR exports


kev....@gmail.com

Apr 7, 2016, 12:17:24 PM
to ThreadFix
Hi,

I've recently started using ThreadFix, and one of the data sources I'm using is the results from HP FoD static scans. When I download the FPR files and upload them into ThreadFix, the results are very different from what the FoD console is reporting (e.g. a scan on FoD reports a total of 337 issues in one scan, which ThreadFix reports as over 6000). Are there known issues with the parsing of FoD output?

Many thanks,

Kev

Daniel Maldonado

Apr 12, 2016, 12:02:09 PM
to ThreadFix, kev....@gmail.com
Kev,

Do you happen to know if you have any filters applied to your view in Fortify?

Thanks,
Daniel Maldonado

kev....@gmail.com

Apr 13, 2016, 3:30:57 PM
to ThreadFix, kev....@gmail.com
Hi Daniel,

I don't believe so, it's just the native count coming from Fortify.

Kev

Daniel Maldonado

Apr 13, 2016, 6:07:51 PM
to ThreadFix, kev....@gmail.com
Kev,

I'm going to take this offline and email you directly. If you don't receive an email shortly let me know.

Daniel M