To view scan results, use either of the following tables:

  • In Projects & Scans > Projects, view an individual project's scan results.
  • In Projects & Scans > All Scans, view the results from all scans.

To see one project's scan results using the All Scans table, click Open Viewer in the project's row.

Projects Scan List and Actions

In Projects & Scans > Projects, various scans and action lists are available (see Creating and Configuring Projects).


| Column | Action | Description |
|---|---|---|
| Scan List | View Project Scans | Displays the project in the individual project path, for example, Projects & Scans/View Project Scans/My Java Projects. |
| Actions | Full Scan | A scan of the whole project. If the project is configured for a local location, this will require uploading a zip file with the updated source code. |
| | Incremental Scan | A scan of only the files that are new or modified since the previous scan. Info: Incremental scan significantly shortens the scan time, but it is not recommended for projects with significant amounts of changes. |
| | Branch Project | The Branch Project operation is similar to copy project, but it copies a different set of properties: Preset, Team and the Last scan from the source project with all results and remarks. |
| | Duplicate Project | Duplicate Project creates a new project based on the settings of an existing one. From the existing project it will copy the following: Preset, Team, Exclusions, Scheduling, Pre-scan emails, Post-scan emails and Scan failure emails. |

All Scans

All scan results appear in a table, with each row representing an individual scan result set. You can manage the table, including sorting by Scan Date, Scan Complete date, Project Name, or Risk Level Score.

[icon] - indicates a scan in process
[icon] - indicates a full scan

Info

Additionally, [icon] indicates a partial scan. Information about why only a partial scan was performed is provided in Scan Summary. For more information about partial scans, refer to the CxSAST Troubleshooting & FAQ section.

[icon] - indicates an incremental scan

Each row of the scan results table includes a Risk Level Score and a risk indicator bar, showing the overall risk calculation of all vulnerabilities found in this scan. Some of the other columns are:

  • Initiator: The user who activated the scan
  • Origin: The system from which the scan was activated
  • LOC: The number of Lines of Code in the project
  • Team: Team that the scan is assigned to
  • Server Name: The CxEngine server that performed the scan
  • Cx Version: The CxSAST version number at scan time.
  • Comments: Indicates any comments maintained for the project, for future scans and for instances that continue to be found.
  • Access: Defines whether the scan is a private scan (not visible to others, but can be viewed by immediate managers) or a public scan.
  • Locked: Specific scans may be marked as “Locked” to avoid automated purging of important scan data. Locked scans cannot be deleted.
  • There are also additional available Actions.

If a scan was initiated for a non-local project (or an Incremental scan was initiated for a local project) with no code changes since the previous scan, the Comments indicate that the scan was not actually performed.

Selecting a scan in the table displays its details at the bottom of the window:


The Monitoring tab provides two graphical summaries of found vulnerabilities:

    • The Top 5 High and Medium Vulnerabilities chart shows the five most common High and Medium vulnerabilities found in this scan.
    • The Risk Indicator chart represents the correlation between the severity and the quantity of the results.
      • Severity - Axis X (value between 0 and 100) is calculated according to the number of High, Medium and Low severity results
      • Quantity - Axis Y (value between 0 and 100) is calculated according to the number of High, Medium and Low severity results

The Comments tab allows you to write comments on the scan results.


Deleting Scans

To delete one or more scans:

  1. Select the rows of the requested scans.
  2. Click the Delete button. A prompt appears, requesting you to confirm the deletion operation.
  3. Click OK.

Info

If the user does not have the authorization required for deleting scans, no scan will be deleted. 

If one or more of the scans is locked, a message appears indicating, for example, that only 2 of the 3 scans were deleted successfully.

Clicking the Export as CSV File option downloads the DeleteErrors.csv file, which displays the details of the locked scans.

Unlocking all scans indicated in the report enables full deletion of the project.

Comparing Scans

To compare scans:

  1. In Projects & Scans > All Scans, select two scans to compare.
  2. Click the Compare Scans option. The Scans Compare screen is displayed.
  3. Click the Results button to see a 'file compare' showing the code differences in each file, grouped by vulnerability/scan result.


...


