How to generate CSV report of vulnerabilities identified in source code for an asset?

To view the vulnerabilities identified in source code for an asset, follow the steps below:

  1. Login into I3 Portal
  2. Using the left floating menu navigate to Assets —> Manage
  3. Click on the link in the Asset Name column for the specific asset in the Assets table.
  4. On the Asset details page, click on Code Vulnerabilities from the ribbon menu
  5. You can filter code vulnerabilities using the below:
    • Specify search text in the Search box. This is searched in the following: Source filename, Description, Source code snippet and Status
    • Specify the State of the finding i.e. Open / Resolved / Ignored
    • Click on the charts (Rating, OWASP Categories, CWE Distribution) for further filtering
  6. Click on the CSV Reports button to immediately generate or schedule a report for code vulnerabilities.