This section introduces the Vulnerabilities dashboard in Kiuwan Code Security.
The Code Security Vulnerabilities dashboard provides a detailed view of your application’s vulnerabilities and lets you:
- Search vulnerabilities using multiple criteria
- Sort and group vulnerabilities by different attributes
- Inspect the details of each vulnerability
- Access vulnerability descriptions and remediation guidance
Summary data
The Summary section provides aggregated vulnerability information:
- By Vulnerability Type: number of vulnerabilities for every type (please see Vulnerability Types).
- By Language: number of vulnerabilities found for every programming language.
- By Priority: number of vulnerabilities found by priority (according to security rules priorities as defined in the model used for the analysis).
It also includes the following key figures:
- Violated Rules: number of security rules (checks) with associated vulnerabilities.
- Vulnerabilities: total number of vulnerabilities found in the app source code.
- Very High: number of Very High vulnerabilities.
- Security Rating: overall application security rating.
Actions menu
Use the menu icon (top-left) to access additional actions, such as:
- Compare analysis results with another analysis
- Mute vulnerabilities
- Export vulnerabilities to CSV
- Export to ThreadFix
- SARIF
Detailed data
Below the summary, the page displays a complete list of vulnerabilities that you can browse, filter, sort, and group.
You can refine the list using:
- Search by rule name
- Priority (low to high)
- Characteristic (main software analytics categorization of the selected rule)
- Vulnerability Type (security topic addressed by the selected security rule)
- Language (programming language)
- Normative (security standard)
- CWE Scope
- Framework
- Tags
- Muted (muted or not)
- Status (reviewed or not)
Grouping
You can also group vulnerabilities by:
- Rule
- Files
View vulnerability details
Click any vulnerability row to view details, including:
- Which files contain this vulnerability
- The specific location of the vulnerability in the source code