Fortify Application Vulnerability Integration release notes
- UpdatedMay 1, 2025
- 2 minutes to read
Version history for the Fortify Application Vulnerability Integration on the ServiceNow Store.
Important: For details on system requirements and family compatibility, view the application
listing on the ServiceNow Store
website.
Version history
- Version 2.6.0 - May 2025
- Fixes.
- Version 2.5.0 - November 2024
- Minor fixes for this release.
- Version 2.4.2 - August 2024
- Changed: The [sn_vul_fortify.buffer_hours] property has been removed from system properties and added to the Fortify Vulnerability Integration instance parameters.
- Version 2.3.3 - June 2024
- New: Auto close for application vulnerable items is supported for the Fortify integrations.
- Version 2.3.1 - May 2024
- Changed: View details such as total processing times, average times for pre- and post-integration run processes, and reports on the integration run records.
- Version 2.2.2 - February 2024
-
- New:
- You can reapply your configuration item (CI) lookup rules to update existing CIs (scanned applications and product models).
- Manually create remediation tasks (AVULs) for application vulnerable items (AVITs) from remediation task records on the Group Configuration tab.
- Fixed: Buffer time is a configurable parameter with the sn_vul_veracode.import_starttime_buffer system property. The buffer, in hours, is subtracted from Start Time (delta_start_time). The scanner imports results at the new derived delta start time.
- New:
- Version 2.2.1 - November 2023
-
- New:
- The manage exceptions in ServiceNow and manage false positives in ServiceNow options on the Fortify configuration page can help you triage your imported application vulnerabilities with ServiceNow workflows.
These options are activated by default.
- Manage exceptions in ServiceNow triages application vulnerable items (AVI) with the ServiceNow Exception management workflow. AVIs transition to Open, and you request exceptions from AVI records. Deactivate the option to preserve the Source states on AVIs imported from Fortify.
- Manage false positives in ServiceNow triages false positives with the ServiceNow False positive workflow. AVIs transition to Open, and you request false positives from AVI records. Deactivate the option to preserve the Source states on AVIs imported from Fortify.
- The manage exceptions in ServiceNow and manage false positives in ServiceNow options on the Fortify configuration page can help you triage your imported application vulnerabilities with ServiceNow workflows.
These options are activated by default.
- New:
- Version 2.1.0 - August 2023 (Vancouver)
- New: New: A new product model lookup rule is activated by the system property, Use Product Model [sn_vul.use_product_model]. This rule supports CSDM.
- Version 2.0.2 - March 2022
- The Vulnerability Response integration with the Fortify on Demand product imports applications and application vulnerabilities to use with Application Vulnerability Response. Application Vulnerability Response is a feature in the ServiceNow Vulnerability Response application that helps you prioritize and remediate application vulnerabilities.