Scan Results

Overview

Scan progress and the current summary can be observed on the Summary view, available after the scan has been started or when selected in the dashboard.

A report can be generated by clicking CREATE REPORT (available in all tabs) in the upper right corner.

Summary Tab

This view shows the summary of results per vulnerability type, risk, violations of supported compliance standards and scanning statistics.

The Total / Tested numbers of code lines are line counts across all detected data flows. They do not reflect the line count of the project.

Details Tab

The Details tab provides options for reviewing the details of individual vulnerabilities across all the project languages that were selected for the analysis. The tree view on the left lists every vulnerability type discovered during the analysis, along with its vulnerability count. Clicking any item displays the complete list of individual vulnerabilities of the selected type.

The details of an individual vulnerability show the Vulnerability sink, i.e., the function that caused the vulnerability when it received unsanitized input originating from the Vulnerability Input Variable. A Vulnerability description and Mitigation Recommendations are shown for every vulnerability type. If a vulnerability falls under a supported compliance standard, the exact violation of the standard is shown in the Violations listing.

The vulnerability can be inspected further with an insight into a complete Data Flow or a Summary of the data flow, with full source code highlighting of affected code lines.

Data Flow

Remediations

Comments

Config Tab

 

Activity Tab

Data Flow

Source Code

Summary

Comments

Copyright © 2024 Mend.io (White Source Ltd.) | All rights reserved.