Segregation of Duties for HPE Fortify Software Security Center

Are you one of the many users of HPE Fortify with only one instance of Software Security Center (SSC)? Why? In my experience, it’s been much better to maintain a segregation of duties between the scan-upload-fix-rescan SSC instance and the reporting or dash-boarding role.

Comments are closed.