Home
Developing
Learn how to develop by using the product.
Triage and analysis
Grouping similar findings allows security analysts or IT auditors to segment and triage source code problems. This section explains how to triage AppScan® Source assessments and analyze results.
Triage with filters
AppScan® Source for Analysis reports on all potential security vulnerabilities and may produce many thousands of findings for a medium to large code base. When you scan, you may find that the findings list contains items that are not important to you. To remove certain findings from the Findings view, you can choose a predefined filter or you can create your own filter. A filter specifies the criteria that determine which findings to remove from view.
Creating and managing filters
AppScan® Source offers multiple methods for creating and using filters. The main view for filter creation, the Filter Editor view, provides a robust set of rules which can be manually set and then saved to a filter. The Filter Editor view also provides a mechanism for managing filters that you have created - allowing you to easily modify or remove them. Alternately, you can filter the findings table using views that offer graphical representations of the findings - and then save those filters in the Filter Editor view. When you create a filter, the other views update to reflect the filter properties.
Filtering from the Vulnerability Matrix
The Vulnerability Matrix view displays the aggregate number of findings for all applications included in the scan. These findings are grouped in the matrix by severity level. You can create filters by selecting these groups of findings.

Filtering from the Vulnerability Matrix

The Vulnerability Matrix view displays the aggregate number of findings for all applications included in the scan. These findings are grouped in the matrix by severity level. You can create filters by selecting these groups of findings.

About this task

When you select grouped findings in the Vulnerability Matrix view, the findings table changes to display only those findings that have been selected in the Vulnerability Matrix.

Note: In AppScan® Source for Development (Visual Studio plug-in), this view is part of the Edit Filters window.

Note: Quality findings and findings that are classified with the Info severity level are not included in the Vulnerability Matrix view.

Procedure

In the Vulnerability Matrix view, select the section of the matrix that you want to see in the findings table. For example, to see only High severity Suspect security findings in the findings table, select that section of the matrix. This causes the filtered results to appear in the findings table.
The filtering actions also cause the Filter Editor view to populate with the filter rule settings of the selection that was made in the Vulnerability Matrix. This filter can be saved in the Filter Editor view (to learn about filter rule settings and saving filters, see Creating and managing filters in the Filter Editor view).