To view the vulnerabilities identified in source code for an asset, follow the steps below:
- Login into I3 Portal
- Using the left floating menu navigate to Assets —> Manage
- Click on the link in the Asset Name column for the specific asset in the Assets table.
- On the Asset details page, click on Code Vulnerabilities from the ribbon menu
- You can filter code vulnerabilities using the below:
- Specify search text in the Search box. This is searched in the following: Source filename, Description, Source code snippet and Status
- Specify the State of the finding i.e. Open / Resolved / Ignored
- Click on the charts (Rating, OWASP Categories, CWE Distribution) for further filtering
- To view details for a specific code finding, click on the Line number link displayed in the Line # column for that finding.
- To change the state of a selected issue, click on State value link in the Status column and toggle the state in the displayed pop-up window. For bulk update of multiple issues, refer link.