I want to see the specific rules of Fortify Secure Coding Rules (the rules that Fortify uses by default), because I want to write a report about all rules that are used by Fortify:
C:\Program Files\Fortify Software\HP Fortify v3.60\Core\config\rules but I have found .bin files and I can't see them.AuditWorkbench and in Security Content Management I can't see them either.Is there any way to see them?? Thanks for your help.
Short of becoming a Software Engineer at HP Fortify, No. The default rules are considered Intellectual Property of HP Fortify and no one outside Engineering has access to them.
What problem are you trying to solve by this report?
As HP/Fortify distributes rule-packs as binary files to protect their intellectual property, you will not be able to see how the individual rules are written.
However, if you're looking to include some information about which rules/rule-packs were used, you can navigate to the project summary screen and see which rule packs were used at the time of the scan. You will also have access to information such as each rule pack's version and additional meta data about each pack.
Being able to provide this level of detail in a meta-report might be sufficient to preempt follow-up questions. Just a thought...
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 啃猪蹄的小仙女 的文章《How can I see all the rules of Fortify Secure Codi》','https://www.manongdao.com/article-372826.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}