Software Security Profile report

The Software Security Profile presents a comprehensive analysis of the characteristics of your application that have direct relevance to its security. It provides a detailed audit of critical security features in software for a particular project. This report helps you verify the implementation of requirements such as encryption, access control, logging, and error handling before certifying the software for deployment.

The composite identifies areas of potential risk and presents recommendations for minimizing those risks. The report helps facilitate an assessment of overall application security, which is useful for compliance, policy, and architectural reviews. Findings are based on extensive static analysis of source code using a database of flaws, vulnerabilities, industry-specific standards, and general best practices.

The Software Security Profile displays this information:

  • Report Card: Contains links to the report details and severity indicators summarizing the section.
  • Overview: Summarizes the purpose of the report and describes the application configuration.
  • Metrics: Identifies the total number of packages, classes, methods, and lines of code in all of the packages in the project.
  • Detailed Findings by Category: Lists each vulnerability category found, with the category name and an icon that indicates the severity level of the vulnerability.