Consolidated Project State (v8.8.0)

The Consolidated Project State window provides a high-level summary of the status of each project.

To display the Consolidated Project State window:

Go to Dashboard > Project State and click the link on the Project Name. The Consolidated Project State window is displayed.

Summary

You can perform the following actions from the Consolidated Project State window:

  • Full Scan - perform a SAST scan for the whole project
  • Incremental Scan - perform a SAST scan for only new and modified files since the last scan
  • Run OSA - perform Open Source Analysis on predefined open source libraries associated with this project

Additional Actions:

  • Edit Project - displays the project's details
  • Open Scan Summary - displays the scan summary
  • Open Viewer - displays the scan results viewer
  • CxOSA Viewer - displays the CxOSA scan results viewer (see CxOSA Viewer)

Current Status - Includes a stamp indicating the date and time of the last SAST scan.

SAST Vulnerabilities Status

Provides a graph with the status of each vulnerability severity.

 - All new vulnerability instances discovered according to severity (high, medium and low)
 - Recurring vulnerability instances from previous scan

Solved is defined as vulnerabilities fixed/solved since the last scan.

Click the Full Scan Results link to display the Scan List for this project.

SAST Progress Status

Provides a graph with the progress status of each vulnerability severity.

 - All new vulnerability instances discovered according to severity (high, medium and low)
 - Vulnerability instances from previous scan
 - Fixed/solved vulnerability instances from previous scan
 - Recurring vulnerability instances from previous scan

Open Source Analysis (CxOSA)

Open Source Analysis (OSA) helps you manage the security risk involved in using open source libraries in your applications. This section provides open source analysis results for predefined open source libraries associated with this project. It includes a stamp indicating the date and time of the last analysis.

The following summary results are displayed:

  • No Known Vulnerable Libraries - Number of libraries without any known security vulnerabilities.
  • Vulnerable Libraries - Distribution of the vulnerable libraries:
    • Vulnerable - number of libraries that have at least one security vulnerability
    • Outdated - number of vulnerable libraries for which a newer version is available (major vs minor release).

Click the Run Analysis Now link to perform an Open Source Analysis. A "New Open Source Analysis is in progress" indicator is displayed.

For more information about Open Source Analysis (CxOSA), please see the CxOSA Viewer.

Scan History

Click the Scans History tab to display the scan results for the project.