Static Analysis Security Issues report
This report displays the static analysis data imported from AppScan® Source.
Changes to findings classifications
As of AppScan® Source Version 8.8, findings classifications changed. This table lists the old classifications mapped to the new classifications:Findings classifications prior to AppScan® Source Version 8.8 | Classifications in AppScan® Source Version 8.8 |
---|---|
Vulnerability | Definitive security finding |
Type I Exception | Suspect security finding |
Type II Exception | Scan configuration finding |
Why it matters
Static analysis allows you to check source code for security vulnerabilities. Early detection and resolution of web application vulnerabilities decreases the risk of attack and saves valuable time and resources. It is good practice to perform static analysis during the unit testing phase.