How to write HP Fortify Custom Rules language Specific?
I'm running HP Fortify 5.16 and I'm writting some custom rules. The problem I'm facing is that Custom Rules are not language Specific. If I create a custom rule that matches SQL Injection for instance, This rule is presented either if I'm running a Java project or a .NET project.
Do you know how to make this custom description language specific. It seems like the match is performed by category and the language is ignored because the below description appears when both projects are scanned (.NET and Java).
I would expect that this custom description is displayed just for .NET because I used the language attribute (see below rule)
Note that I'm using the language attribute but it seems like it is ignored. This is an example of the Custom rule : Look that I used the Language attribute :