I have installed SQL server 2014 on my computer. Howerver when I run QAInspect after installation I keep getting the message " SQL Server Express Is Not Installed". Can anyone help me with solution/advice on how to fix this?
I would like to know if QA Inspect can be migrate/entitle to Webinspect or to Fortify ?
Any idea ?
Thank you for your time.
I can't find any reference to QAInspect on current HP SW product pages or sites.
Is it still an orderable product?
I'm wondering if it has become part of another product group or portfolio.
And we haven't seen any updates for QAI in quite a while.
Thanks for any hints or insight!
I am running QAInspect 9.2 . It runs fine as long as I am logged into my laptop . But when my laptop goes into hybernate mode and I leave QAInspect running overnight , it hangs.
Please advise . Any help is appreciated .
We're trying to get a QA Inspect test to run on QC but not having much luck.
When we try to run the test locally, the execution log comes back with two rows - first one indicates the test was aborted, and the second line indicates there were "No Available Hosts".
Yet, when we run a QTP test on the same machine (again with Run Test Locally selected) the QTP test connects with the local host and executes.
We have QAInspect 9.20, QTP 10.0 and QC 10.0
I found problem when connecting to QAInspect via QAInspect Management Tool.
after inputing QC URL, Login name, password. The error message displayed "please verify that QC URL, login name, password are all correct".
I 've already tested by directly connect to QC using same User/pass. can connect without any problems
I 've also used QAInspect diagnostic tool, not help
in the event viewer, seem not help too.
Any idea please share
Many thanks in advance
Security Tester in BKK
I am a Ph.d. student majoring in Computer Science at NCSU. Currently I am doing a research on why developer uses secure development tools (e.g., HP Fortify is one kind of secure development tool) and why not. The most important reason why we do this study is because most of these tools are extremely underused, and we want to find out why. The result of this study will benefit our community in a way that either help the toolsmiths to build a better tool or help the sellers to better advertise the tool.
As for data collection, I need to conduct interviews with software developers to ask them about their past experience with these tools. The interview will last about 1 hour. It will be conducted through Skype or phone call directly at your best convenience.
I really need your help!!!
Please contact me if you are a software developer or a manager who is supervising developers in a software company.
My email address is: email@example.com
Your help is highly appreciated.
The below tips are for new users or current QAInspect users upgrading to the latest version of QAInspect 9.20:
- After installing QAInspect 9.20, a shortcut to QAInspect will be on your desktop. (For upgrading users, this will replace the QAInspect Management Tool shortcut but you can still access the tool from the Start Menu or launching QAInspect -> Project Settings.)
2. The database settings for scans and reports have been moved from being an advanced scan level settings to being a machine level setting located at QAInspect -> Application Settings->Database. All QAInspect tests ran on a given machine will use the same database settings set above. Please configure your database settings prior to running scans. The database default is SQL Server Express.
3. If you plan to use QAInspect 9.20 in a new QC/ALM project, launch QAInspect ->Project Settings and log into the new project as project administrator to integrate QAInspect with the new project prior to running scans.
4. If you plan on using QAInspect 9.20 in an existing QC/ALM project with current QAInspect 8.0 tests, you should first backup your project and database and then proceed to run the QAInspect Upgrade Tool located in the start menu prior to running scans. (You should not use QAInspect 8.0 and QAInspect 9.20 for the same project.)
5. If you plan on using QAInspect 9.20 with an existing SQL Server database for QAInspect 8.0, then you should backup your database and then proceed to run the database upgrade scripts in one of two ways:
a. The product will prompt you that the database needs to be upgraded. Select OK and the product will attempt to do so automatically. If you encounter errors afterwards, go to the download page: https://download.hpsmartupdate.com/qainspect/ and have your DBA manually run the QAInspect_8.0_to_9.2_ upgrade script.
b. Have your DBA to manually run the QAInspect_8.0_to_9.2_ upgrade script on the existing database or create a new SQL Server database and run the QAInspect_9.20_New_Scan Database_create_script.
6. Read the QAInspect 9.20 Release notes for Known Issues and Recommendations:
HP Application Security Center team is very proud to announce the official release of QAInspect 9.20! This release is packed full of new features and enhancements including the latest WebInspect 9.20 scan engine.
Here are just a few highlights of the 9.20 release:
Latest WebInspect 9.20 scan engine offers improved web service support, enhanced website crawling technology, new blind SQL Injection engine, and DOM-Based Cross-Site Scripting just to name a few.
QAInspect Real-Time is achieved through integration with HP SecurityScope, an agent installed on the target web server. It provides application information that QAInspect otherwise could not obtain.
TruClient for Login Macros has new log-in web macro recording/play-back technology where user interactions are captured (not traffic) and replayed making log-in playback much more accurate and compatible with sophisticated web applications.
Support for Common Weakness Enumeration (CWE) is an industry standard vulnerability classification system from the MITRE Corporation that provides a unified, measurable set of software weaknesses. These are included whenever you view vulnerability.
You may find the full release notes here:
To get started with QAInspect 9.20, you can go to the following site where you will find a download link, quick start guide, and more:
Also, you should check out the below QAInspect 9.20 Upgrade Tips:
We hope you will be as excited about QAInspect 9.20 as we are. The folks here at HP Fortify Software will be monitoring these forums closely, so if you have any questions or concerns, please don’t hesitate to post.
Thank you for your continued support!
HP Enterprise Security - Fortify
My objective: to get ASC trial env set up for my customer.
1) My customer with my direction did buy WI and now want to move further and buy other components of ASC.
2) I'm new to QI and QC. I know setting up a test env and get QI hooked up with QC is far more complicated than WI.
3) I got QI and QC downloaded.
4) What I'm missing is a comprehensive document that can explain the mentality and logics behind the QC and QI specific test environment and how these components operate with each other. Can anyone point me to a doc?
5) It was said that WI when finding an issue, it can send a defect report to QC/QI. Can anyone tell me how this is done and how QI/QC take care of such defect? A thorough doc is appreciated.
I'm looking for differences between webinspect & qainspect. Things that QAInspect cannot do & Webinspect has that extra stuff...
I tried downloading the QAInspect tutorials from the below given links but doesn't seem to work:
Quick Start - https://download.spidynamics.com/products/qainspect/hp/qainspectqcquickstart.pdf
User Guide - https://download.spidynamics.com/products/qainspect/hp/qainspectqcuserguide.pdf
Release Notes - https://download.spidynamics.com/products/qainspect/hp/qainspectqcreleasenotes.txt
Thanks & stay secure,
Will HP QAInspect give support for WShttpbinding?
I have tried different webservices it throwing error.
The message with To '' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree.</s:Text>
Thanks in Advance
I haven't seen many post on here with QAInspect problems in a while. I wonder why that is. Are you actively using QAInspect? Is everything working fine for you? Are you not using QAInspect at all?
Please take the time to answer the below questions:
- What version of QAInspect are you using?
- What version of QC/ALM are you using?
- How are you using QAInspect in your environment and how often?
- What are your likes about QAInspect?
- What are your dislikes about QAInspect?
- What is your overall impression of QAInspect?
- What enhancement requests if any do you have?
- If you are no longer using QAInspect, why?
Few Querstions around HP Fortyfy 360
1. Do we need to purchase HP Quality centre as a pre-req for HP Fortify 360 ? is there any other pre-req required?
2. Can we purchase only signle component of Fortify 360 like Program Trace Analyzer (PTA)? Or we need to purchase all componenents.
3. Can we use Fortify 360 for desktop applications?
We have application like Calculator, can we use HP QAInspect for security testing of desktop application like Calculator or it is always Web application.
The attached document outlines a procedure that actual be employed by QAInspect users, and possibly WebInspect or AMP users, for measuring security compliance to quality in Quality Center. The procedure relies upon manual updates of test statuses, but does address to some degree the problems. Please note that this document was originally drafted before the release of ALM 11 so the corrections are a little out of date, but the basic processes are still the same
1. New ALM 11 Support – Only QAInspect 8 SP1 supports Application Lifecycle Management 11 in addition to Quality Center v9.2 and v10
2. New Rich Vulnerability view – Displays a site view, sequence view, request and response with parameter highlighting, browser view, and a list of vulnerabilities as they are found in real time as the scan is running
3. New QAInspect Management Tool - Configure all of your QAInspect project settings from a single tool
4. Redesign of QAInspect Test Plan and Test Lab configuration - Copy QAInspect tests and test configurations to use as a new test or test template
5. Recorded Crawl with Audit – Run targeted scans based on the URLs that you record using the web macro recorder or by converting existing QTP (Quick Test Pro) scripts using QAInspect script converter
6. Concurrent Licensing - Use HP License and Infrastructure Manager to allow concurrent licensing for QAInspect users
7. Improved Scan engine - Updated scan engine to improve scan accuracy and performance with the full range of WebInspect settings.
8. New Scan Manager – Manage reports, rename scans, and delete scans all from a single location
9. New Reporting System - Reporting system has been upgraded for overall better look and feel.
10. New Diagnostic Tool - Handy diagnostic tool to discover problems in your environment and setup that prevents QAInspect from functioning without calling support
To get started with QAInspect 8, you can go to the following site where you will find a download link, quick start guide, tutorials and more:
HP Software Application Security Center
For full compatibility between Application Lifecycle Management and QAInspect, the following are recommended:
- Obtain Application Lifecycle Management Service Pack 1 (ALM 11 SP1) or later.
- Obtain QAInspect 8.0 Service Pack 1 (Build version 8.0.397.1).
- First, download the ALM client side components on a client machine by launching your web browser and navigating to the ALM web page and clicking on the Application Lifecycle Management link.
- Next, it is required that you download the HP Quality Center Connectivity Add-In on the client machine.
- From the ALM web page, click Add-Ins Page link.
- On the next page, click the HP Quality Center Connectivity link.
- On the following page, download the Add-In.
- Next, Install QAInspect 8.0 SP1.
- Launch the QAInspect Management Tool and log into the ALM project as the Project Administrator to integrate QAInspect with the ALM project and configure the ALM project. (Note: If you fail to log into the ALM project via the QAInspect Management Tool, make sure ALM and the QAInspect Management Tool is closed and you have completed steps 3-7 above.)
10. Repeat steps 3-8 on every client machine that you wish to use QAInspect with ALM.
Another, hopefully final, surprise. HP Communities just migrated their Communities forums (all, not just the ASC) to their new Lithium platform. So first things first, you may want to reopen each of the "boards" for WebInspect, AMP, et al, and choose "Mark all as Read" from the Board Options button found to the right of the screen. If you are like me, you depend on that to help you recall what is new and what has been answered/read already or what is simply old.
We are still getting our moderators group returned access to the forums, and should be hobbling along fine this time next week. Keep your posts coming and I will do my best to respond or get an answer to you!
You may notice that now the ASC Blogs are closely related to the User Forums unlike in the old Communities site, using the central folder for the ASC, http://h30501.www3.hp.com/t5/Application-Security-Community/ct-p/AS
And now a few keywords for the Search Engines of the world...
"Official User Forums for HP Application Security Center (ASC) Including WebInspect, AMP (Assessment Management Platform), QAInspect, and even DevInspect. Fortify's discussions may eventually come to roost here as well."
Can anybody help me. My QA Inspect 5.0 throws the following error when i try to access any QAInspect test configuration module:
"Error getting Test ID from TSTest ID"
Then the dropdown that are supposed to fill with selectable data are not filled.
Thanks for your help.
Windows XP SP2. SQL Server 2008. QC10.0. .Net Framework 3.0 SP 1