
Kiuwan Code Security allows you to perform a security-focused analysis of your source code.

...

The Top-10 Worst Files graphic ranks the ten lowest-rated files of your application, showing each file's security rating and the number of vulnerabilities found in it.

Timeline

The Timeline section displays the historical evolution of your Security Rating and Total Effort (the effort needed to reach a 5-star rating), as well as the total LOC size of your application.

...

  • When the baseline analysis was performed (only applicable if you are using Life Cycle). If you are not using Life Cycle, this is the date of the current analysis.
  • Model used for the current analysis
  • Portfolios this analysis belongs to
  • Graphical distribution of LOCs in different languages

Files

Files provides a detailed view of your application files according to security issues.

...

It provides some summary data as well as detailed info on every file of your application.

<sec-7.png>

Security Rating is the overall rating as described in Code Security Summary.

The Distribution By Rating displays a histogram where you can see the distribution of files according to their security rating (1-5 stars).

Distribution By Number of Vulnerabilities displays a histogram where you can see the distribution of application files according to the number of vulnerabilities found in each. Counts are grouped into five ranges whose bounds are calculated from the minimum and maximum number of vulnerabilities found in any single file of the application.
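The following is an added example, not Kiuwan's own code, showing how the three figures described on this page (the Top-10 Worst Files ranking, the Distribution By Rating histogram and the Distribution By Number of Vulnerabilities histogram) can be derived from a per-file table. It assumes that the five vulnerability ranges are equal-width intervals between the smallest and largest per-file count, and that the worst-files ranking orders by rating first and vulnerability count second; both are assumptions about how the dashboard computes its figures, and the file rows are constructed sample data.

```python
from collections import Counter

# Constructed sample rows: (file path, security rating in stars 1-5,
# number of vulnerabilities). Values are made up for this example.
SAMPLE_FILES = [
    ("src/auth/login.py", 1, 14),
    ("src/auth/session.py", 2, 9),
    ("src/db/query.py", 1, 17),
    ("src/api/upload.py", 3, 4),
    ("src/api/users.py", 4, 2),
    ("src/util/strings.py", 5, 0),
    ("src/util/paths.py", 3, 5),
    ("src/web/templates.py", 2, 8),
    ("src/web/render.py", 4, 1),
    ("src/main.py", 5, 0),
    ("src/config.py", 5, 0),
]


def distribution_by_rating(files):
    """Histogram of files per security rating; always returns all five star buckets."""
    counts = Counter(rating for _, rating, _ in files)
    return {stars: counts.get(stars, 0) for stars in range(1, 6)}


def distribution_by_vulnerabilities(files, buckets=5):
    """Histogram of files per vulnerability-count range.

    Assumption (not documented by Kiuwan): the [min, max] span of per-file
    counts is cut into `buckets` equal-width ranges. Returns a list of
    ((low, high), file_count) tuples. Edge case: when every file has the same
    count there is no span to split, so a single range is returned.
    """
    counts = [n for _, _, n in files]
    lo, hi = min(counts), max(counts)
    if lo == hi:
        return [((lo, hi), len(files))]
    width = (hi - lo) / buckets
    hist = [0] * buckets
    for n in counts:
        # The maximum value would index one past the end; clamp it into the last range.
        idx = min(int((n - lo) / width), buckets - 1)
        hist[idx] += 1
    return [((lo + i * width, lo + (i + 1) * width), hist[i]) for i in range(buckets)]


def top_worst_files(files, n=10):
    """Lowest-rated files first; ties broken by the higher vulnerability count."""
    return sorted(files, key=lambda row: (row[1], -row[2]))[:n]


if __name__ == "__main__":
    for stars, count in distribution_by_rating(SAMPLE_FILES).items():
        print(f"{stars} star(s): {count} file(s)")
    for (low, high), count in distribution_by_vulnerabilities(SAMPLE_FILES):
        print(f"{low:5.1f} - {high:5.1f} vulnerabilities: {count} file(s)")
    for path, stars, vulns in top_worst_files(SAMPLE_FILES):
        print(f"{stars}* {vulns:3d}  {path}")
```

The clamp in `distribution_by_vulnerabilities` matters: without it the file with the maximum count falls outside the last range and silently disappears from the histogram, so the bucket totals would no longer add up to the number of files.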

Files table lists application files with the following information:

...

You can sort the results in ascending or descending order by clicking a column name.

Vulnerabilities

The Vulnerabilities section provides a detailed view of all the application's vulnerabilities, allowing you to:

...

  • Compare analysis results with any other analysis
  • Mute vulnerabilities
  • Export vulnerabilities to CSV format

Please visit the Kiuwan Code Analysis site for information on the above functionalities.

The General section displays vulnerability counts grouped as follows:

  • By Vulnerability Type: number of vulnerabilities for every type (please see XXXXXXX)
  • By Language: number of vulnerabilities found for every programming language
  • By Priority: number of vulnerabilities found by priority (according to security rules priorities as defined in the model used for the analysis)

...

Figures are also displayed for:

  • Violated Rules: number of security rules (checks) with associated vulnerabilities
  • Vulnerabilities: total number of vulnerabilities found in app source code
  • Very High: number of vulnerabilities with Very High priority
  • Security Rating: overall application security rating

...

Along with these metrics, the Vulnerabilities page displays a full listing of defects that you can browse, filter and order by the following criteria:

  • Files: Number of files that are not conformant to the selected security rule
  • Defects: Number of vulnerabilities found for the selected security rule
  • Rule: name (description) of the security rule
  • Priority of the rule (from Low to Very High)
  • CWE weakness reference(s) mapped to the selected security rule
  • Characteristic: main software analytics categorization of the selected rule
  • Vulnerability Type: security topic addressed by the selected security rule
  • Programming Language
  • Effort to invest to fix all the vulnerabilities of the selected security rule

...