Overview of SAST scan results

Modified on Thu, 5 Sep at 7:35 PM

Scan:

To start a SAST scan on your repositories and applications, please visit the CloudDefenseAI interface's documentation. It offers comprehensive steps on how to run a SAST scan effectively.


Overview:

After completing a scan, the application appears under the "Applications" tab. To review and manage the findings:


From here, you can select the specific application you want to analyze and manage.




SAST Scans:


After selecting an application from the list, you will be taken to a window that provides an overview of the scan. This window also lists all the types of scans that have been performed on the application.


To specifically view SAST scan results, use the "Code Analysis" filter found in the left sidebar under "SCAN TYPE." Applying this filter will adjust the scan list to only show results from SAST scans.


The scan list is now populated only with SAST-type scan results, which include:

  • Code Analysis

  • Exposed Keys



Here:


C - number of Critical-severity vulnerabilities found in the SAST scan

H - number of High-severity vulnerabilities found in the SAST scan

M - number of Medium-severity vulnerabilities found in the SAST scan

L - number of Low-severity vulnerabilities found in the SAST scan

E - number of Exploitability-severity vulnerabilities found in the SAST scan


SAST Scan Overview


By selecting “Code Analysis” or “Exposed Keys”, you'll access a detailed overview of the SAST scan for the selected scan type, followed by the list of all the vulnerabilities.



The overview contains the following information about your SAST scan:


1) Project Scanned

   Name of your current project. In this case, vulnpy.

2) Snapshot Scan Time

   The date and time at which the scan was performed.

3) Api Key Owner

   The user who performed this scan, shown by their email address.

4) Vulnerable Code Snippet in vulnerability card

   The code block that is vulnerable.

5) File Path in vulnerability card

   The file path of the vulnerable code.


Vulnerability Overview




Each vulnerability is presented on a separate card within the interface. Options available on each card include:


  1. Vulnerability Name: The name provided here identifies the type of security risk detected.

  2. Three Dots Menu: A clickable icon represented by three dots on the card. Clicking this brings up a menu with several options for managing the vulnerability:

  • Add to Allowed List: Allows you to temporarily include the vulnerability in your allowed list, acknowledging it but deciding it does not require immediate action.

  • Mark as False Positive: If you determine that the reported vulnerability is not a genuine threat, you can label it as a false positive for a certain duration.

  • Mark as Global False Positive: This option lets you classify the vulnerability as a non-threat across all projects within the platform.

  • Overwrite Severity: Provides the capability to adjust the severity rating of a vulnerability, based on your assessment.

  • Add Comment: Offers a space to add notes or comments regarding the vulnerability, which can be useful for team communications or future reviews.



Options like “Add to Allowed List”, “Mark as False Positive” and “Mark as Global False Positive” further provide timeline options that let you set how long the setting applies:


  • Mark for a Day: Apply the setting for 24 hours.
  • Mark for a Week: Extend the setting for one week.
  • Mark for a Month: Keep the setting for one month.
  • Mark for a Year: Maintain the setting for a full year.
  • Mark Forever: Indefinitely apply the setting until changed.
  • Select Custom Date: This choice opens a popup where you can select an exact date for the setting to expire, offering precise control over the duration.





  3. Vulnerability Description: This field elaborates on the specifics of the vulnerability, explaining the potential risks and the context in which it was found.

  4. Recommendations for Vulnerability: Each card includes a button to view AI-generated recommendations tailored to address the specific vulnerability effectively. These recommendations are designed to guide remediation efforts and secure the application.




Manage vulnerabilities in Cluster


For more efficient vulnerability management, our interface allows users to apply settings to multiple vulnerabilities simultaneously. This feature is especially useful when you need to quickly classify several issues as false positives or add them to the allowed list without adjusting each one individually.


  • Select Vulnerabilities: At the top left of each vulnerability card, there is a checkbox. Click these checkboxes to select the vulnerabilities you wish to manage together.


  • Apply Cluster Actions: After making your selections, two options will appear next to the count of selected vulnerabilities at the top of the list:

    • Set as False Positive: This action enables you to collectively mark all selected vulnerabilities as false positives.

    • Add to Allowed List: This allows you to add all chosen vulnerabilities to the allowed list simultaneously.



Managing vulnerabilities in groups saves time, reduces mistakes, and keeps your project’s security handling consistent and straightforward.


Search Bar:


Located at the top of the vulnerability list, this tool allows you to search for vulnerabilities by entering keywords or terms related to the security issues you wish to review.


Filters on Left Sidebar:




You can apply filters through the left filter bar. The filter bar includes:


  • SEVERITY: Enables filtering of vulnerabilities by severity level (Critical, High, Medium, Low, or Exploitability), allowing you to prioritize remediation efforts.

  • In Allowed List: This filter shows only those vulnerabilities that have been added to the allowed list, facilitating quick review of previously acknowledged issues.

  • New Vulnerabilities: Filters the vulnerabilities based on their discovery date, helping to isolate recent issues that need immediate attention.

  • Show Files: This filter lets you choose whether to show files marked “Excluded” or “Not Excluded”.
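The allowed-list and false-positive marks with their expiry options, the per-project versus global scope, and the sidebar filters described above can be modelled as in the following added example. It is an illustration written for this article, not CloudDefenseAI's code or API: the `Finding` fields, the `Triage` class and its method names, the key used for a global mark, and the day counts assumed for "month" and "year" are all assumptions; `status` returns the mark still in force or "open" once it has expired, and `filter` applies the SEVERITY, In Allowed List and New Vulnerabilities filters.

```python
# Added example, not CloudDefenseAI code: a model of the triage semantics this article
# describes (allowed-list / false-positive marks with expiry, scope, sidebar filters).
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional, Tuple

Mark = Tuple[str, Optional[date]]  # (kind, expires); kind "allowed"/"false_positive", None = forever

@dataclass(frozen=True)
class Finding:                    # field names are assumed, not the product's schema
    name: str                     # "Vulnerability Name" on the card
    severity: str                 # Critical / High / Medium / Low / Exploitability
    project: str
    file_path: str
    found_on: date

def expiry_for(choice: str, today: date, custom: Optional[date] = None) -> Optional[date]:
    # Map the timeline menu (day/week/month/year/forever/custom) to an expiry date.
    if choice == "forever":
        return None
    if choice == "custom":
        if custom is None or custom <= today:
            raise ValueError("custom expiry must be a future date")
        return custom
    days = {"day": 1, "week": 7, "month": 30, "year": 365}[choice]  # assumed lengths
    return today + timedelta(days=days)

class Triage:
    def __init__(self) -> None:
        self.local: dict = {}      # (project, name, file_path) -> Mark
        self.global_fp: dict = {}  # name -> Mark, for "Mark as Global False Positive"

    def mark(self, f: Finding, kind: str, choice: str, today: date,
             custom: Optional[date] = None, global_scope: bool = False) -> None:
        m: Mark = (kind, expiry_for(choice, today, custom))
        if global_scope:  # assumed: a global mark is keyed on the vulnerability name
            self.global_fp[f.name] = m
        else:
            self.local[(f.project, f.name, f.file_path)] = m

    def status(self, f: Finding, today: date) -> str:
        for m in (self.global_fp.get(f.name), self.local.get((f.project, f.name, f.file_path))):
            if m and (m[1] is None or today < m[1]):
                return m[0]
        return "open"

    def filter(self, findings, today, severity=None, in_allowed_list=False, new_since=None):
        return [f for f in findings
                if (severity is None or f.severity == severity)
                and (not in_allowed_list or self.status(f, today) == "allowed")
                and (new_since is None or f.found_on >= new_since)]
```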
