Skip to main content

Custom Analysis - Application Logic

You can use CxAudit for expanding CxSAST's functionality to analyze project-specific aspects of your source code. One example is tracking the logical flow through source code by querying to find what influences a specified element, what the element influences, and where else the element appears (Application Logic). For example, if you want to make sure that your application doesn't reveal credit card information, you could locate the code element that contains the information, and create a query to find all the places in the code that are influenced by that element.

For application logic, perform the following:

Open either an existing CxSAST project or create a new local project for auditing.


You can work on a smaller, representative section of a project, by copying part of the source code project to a locally accessible folder and creating a new project from it (see CxAudit Workspace).

In the Source Code pane, display a source code element containing the code element you want to analyze, either by opening the file from the upper-right Solution pane, or by selecting a scan result or Path element.

Right-click the code element, and select one of the following (CxAudit will create the relevant query code and add it to the non-executable query: Corp > CxDefaultQueryGroup > CxDefaultQuery):

  • FindbyID, FindbyName, or FindbyType - Locate other occurrences of the code element.

  • What DataInfluenceBy this - Locate code elements influenced by this element, directly or indirectly.

  • What DataInfluencingOn this - Locate code elements influencing this element, directly or indirectly.

Run the query. The results appear in the Results pane.

Perform one of the following:

  • If you want the query to remain available, create a new query and copy the code from CxDefaultQuery to the new query.

  • If you do not want the query to be included in future scans:

    Right-click the new query and select Properties.


    Clear Executable.


    Click Save All Queries to save the changes.