Issue severity

Issues can be classified as appear in the Issues grid of an app.

Issue severity values

Issues are assigned a severity level automatically, and this is used in calculating the Risk rating for an application.

Levels are:
  • Critical
  • High
  • Medium
  • Low
  • Informational

By default the Critical value is assigned only to some issues found in SAST scans, but you can reassign any value to any issue.

Edit issue severity

You can select one or more issues in a list to edit their severity together.
  • Simply select all the issues you want to change, and click Edit severity. You can optionally add a comment, that will be included with all the edited issues.
    Note: Changes to issue severity do not affect the value shown in the scan record, which always retains the severity values at the time the scan was run.