To view the vulnerabilities identified in source code for an asset, follow the steps below:
- Login into I3 Portal
- Using the left floating menu navigate to Assets —> Manage
- Click on the link in the Asset Name column for the specific asset in the Assets table.
- On the Asset details page, click on Code Vulnerabilities from the ribbon menu
- You can filter code vulnerabilities using the below:
- Specify search text in the Search box. This is searched in the following: Source filename, Description, Source code snippet and Status
- Specify the State of the finding i.e. Open / Resolved / Ignored
- Click on the charts (Rating, OWASP Categories, CWE Distribution) for further filtering
- Click on the CSV Reports button to immediately generate or schedule a report for code vulnerabilities.