Risks (SCA)
SCA Statistics
The Open Source Risks (SCA) provides a comprehensive view of all the security issues of the dependencies.
Open Source Risks (SCA) page is the same as All Risks but filtered by Open Source category, so please go to All Risks for a full description.
Statistics
Secrets' Statistics view shows:
Charts for # of issues by severity, by type and by type & severity
A table with the issues (as well as a filter for the table)

You can use filters to select specific issues:
By Funnel Phase (see Prioritization Funnels )
By severity
By issue type
By dependency type (direct or indirect)
By reachability (see reachability)
by fixability (see fixability)
By project (pattern)
By issue status (open, confirmed, muted, etc)
By tag
etc.
Public Vulnerabilities (CVEs)
Clicking on the icon of a component with public vulnerabilities will open a slide with detailed information about the CVE.

The Reachability Analysis tab provides detailed information on the call paths leading to the component's vulnerable method(s).

Malware Early Warny details (MEW)
Clicking on the icon of a component with malware detected by Xygeni will open a slide with details.
The Summary tab shows detailed information about the component:
Explanation
Component name
Location where defined
Description

The Malware Evidence tab provides detailed information about the detected code evidence.

Last updated