
Kiuwan Code Security allows you to perform a security-focused analysis of your source code.

...

  • Summary:
    • A comprehensive top view of your application security (overall security rating, vulnerabilities quadrant, effort to reach upper levels of security, top-10 security vulnerabilities, top-10 worst files and timeline evolution of security indicators) 
  • Files:
    • A file-based, top-down view of security issues, i.e. a view organized by how secure the source files of your application are, letting you identify which ones are less safe
  • Vulnerabilities:
    • A security analysis page where you can inspect and manage all the vulnerabilities found in your source code, allowing you to search for specific defects, filter by vulnerability type, priority (and other criteria), and find remediation tips for all the security issues found in the analyzed source code.

 

Let’s go through them in detail.

 


 

Summary

...

The Summary provides a comprehensive high-level overview of your application security, giving you a complete security dashboard of your application at your fingertips.

...

  • Overall security rating,
  • Vulnerabilities quadrant,
  • Effort to reach upper levels of security,
  • Top-10 security vulnerabilities,
  • Top-10 worst files, and
  • Timeline evolution of security indicators

...


 

Security Rating

...

Kiuwan Security Rating is a discrete 5-star grade that tells you how secure your application is in terms of the likelihood and impact of the found vulnerabilities.

...

 

Security Vulnerabilities

...

Security vulnerabilities are grouped in a quadrant according to two major axes:

...

Based on the analysis results, Kiuwan also calculates the Effort you need to invest to reach the different rating levels, based on the remediation effort associated with fixing each vulnerability.

Top 10 Vulnerabilities and Worst Files

...

The Top-10 Worst Files graphic displays a ranking of the worst (low-rated) files of your application, showing the security rating and the number of vulnerabilities found for each.

Timeline

The Timeline section displays the historical evolution of your Security Rating and Total Effort (to reach a 5-star rating), as well as the total LOC size of your application.

...

Distribution By Number of Vulnerabilities displays a histogram where you can see the distribution of app files according to the number of vulnerabilities. Quantities are grouped in 5 ranges calculated based on the maximum and minimum number of vulnerabilities in the application. 

Detailed data

...

The Files table lists application files with the following information:

...

  • Violated Rules: number of security rules (checks) with associated vulnerabilities
  • Vulnerabilities: total number of vulnerabilities found in app source code
  • Very High: number of Very High vulnerabilities
  • Security Rating: overall application security rating

 

...

 


By clicking the sandwich menu at the top left, you can:

...