Diff-aware scanning

[Pabloo-ss]

Question

Is there any way to scan just the modified files in a PR in order to find out if any new findings will be introduced in master branch after merging?
Something like this (Semgrep):
Diff-aware scanning
Semgrep AppSec Platform can scan only changes in files when running on a pull or merge request (PR or MR). This keeps the scan fast and reduces finding duplication.

[MF-Joel]

This isn’t something that is offered as a native feature of Fortify SCA. Although you could potentially script a solution to identify the modified files and then configure Fortify to scan only those files, the results would not fully replicate a purpose-built diff scan approach as there would be a loss of results identified through dataflow analysis. Additionally, this could only work for languages that don't require a full project translation such as Python, JavaScript, TypeScript, etc...