
Viewing the Compliance Tab


The Compliance tab shows details about applicable compliance standards for the Project. The left side panel shows a list of applicable compliance standards. Clicking on a standard shows info for that standard in the main display.

Compliance List Pane

The left side pane shows a list of all standards that are applicable for this Project (i.e. all standards for which the relevant queries were run).

Next to each compliance standard is either a checkmark, indicating that the Project passed the requirements of that compliance standard, or an exclamation point, indicating that it failed.

Notice

The Project is considered to have passed a compliance standard if it does not have any Medium or High severity vulnerabilities.


Compliance Main Display

The main display shows details about the identified vulnerabilities that do not comply with the selected standard.

Total Vulnerabilities Widget

This widget shows the number of vulnerabilities that do not comply with this standard, broken down by severity level (HIGH, MEDIUM, LOW, INFO). The info is shown as a color-coded doughnut graph.


Aging Summary Widget

This widget shows a bar graph indicating the number of new vulnerabilities related to this compliance standard that were identified during various time periods. The data is broken down by severity level.

Note

The data shown in this widget is for vulnerabilities that are present in the last scan of the selected branch of this Project.


Vulnerabilities Categories Table

The bottom section shows a list of categories of vulnerabilities that were discovered in the Project. For each category, details are shown about the vulnerabilities discovered.

The following information is shown for each category:

| Parameter | Description | Possible values |
|---|---|---|
| Category | The name of the vulnerability category | e.g. Heap_Inspection, Privacy_Violation, etc. |
| Total Vulnerabilities | The total number of vulnerabilities discovered in this category | a number |
| Severity | The number of vulnerabilities, distributed by severity: High, Medium, Low, Info | a number |
| Languages | The language(s) of the detected vulnerabilities | e.g. Java |
| Engines | The type of scan engine that discovered the vulnerability | SAST, SCA or KICS |