To view the vulnerabilities identified in source code across multiple assets, follow the steps below:
- Login into I3 Portal
- Using the left floating menu navigate to Analytics —> Vulnerabilities —> Code and click on Code Vulnerabilities button in the top ribbon menu
- You can filter code vulnerabilities using the below:
- Specify search text in the Search box. This is searched in the following: Source filename, Description, Source code snippet and Status
- Specify the State of the finding i.e. Open / Resolved / Ignored
- Click on the charts (Rating, OWASP Categories, CWE Distribution, Tags) for further filtering
- To view details for a specific code finding, click on the Line number link displayed in the Line # column for that finding.