This default tile displays "at a glance" information about the current Application status:
Clicking this tile will take you directly to the (this can also be accessed by clicking the button available in the sidebar).
Rule specific tiles
Additional tiles are displayed as follows - these are non-clickable and ONLY display Critical Violations (i.e. are not impacted by the Critical Violations filter option in the top menu bar).
This tile displays the number of Critical Violations in the Application for the rule CWE-89: Avoid SQL injection vulnerabilities - 7742.
This tile displays the number of Critical Violations in the Application for the rule CWE-79: Avoid cross-site scripting DOM vulnerabilities - 7740.
This tile displays the number of Critical Violations in the Application for the rule CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute - 8240.
This tile displays the total number of Critical Violations in the Application for the following rules:
Application Components tile
Select an object in the list of violations to view its source code. To focus the investigation, the source code displayed presents either:
Whenever a piece of code is made available, the View File button (seen in the example below) provides the ability to open the entire source code file to get the entire context. The file is opened in a separate browser window. The entire source code is presented plus some context (application name, snapshot reference, file name).
The Rule name is also highlighted using colour (yellow for a standard Rule (as shown below), and red for critical):
If a "copy/pasted" Rule has been selected (for example Avoid Too Many Copy/Pasted Artifacts), a list of objects that have a high level of similarity with the selected objects will be listed: