The Findings page displays vulnerabilities detected in your applications. This guide explains its key features and how to use them.

Subpages

  1. App (Application): Shows code-related vulnerabilities
  2. SCM (Source Code Management): Displays findings related to your repositories
  3. Cloud: Presents findings related to cloud services

Finding Statuses

  • Enriched: Initial stage of generated findings
  • Pending Input: Awaiting user input for remediation
  • Ready: Remediation is complete
  • PR Submitted: Pull Request has been created after remediation
  • Issued: Issue has been created after remediation
  • PR Accepted: Generated Pull Request has been accepted

Key Features

Buttons

  • Filter: Manage and apply filters to your findings
  • Search bar: Search for specific vulnerabilities by name
  • Upload Scan: Upload a template scan to view results in Findings
  • Columns to Show: Customize visible columns in the findings table

Viewing Finding Details

  1. Click the “View” button on any finding
  2. Access detailed information including:
    • AI Remediation
    • Summary
    • OWASP Category
    • Other relevant data

Creating Remediations

  1. In the finding detail view, look for the action button
  2. For Pull Request type:
    • The button shows “Create AI Remediation”
  3. For Issue type:
    • The button shows “Create Issue”

Remediation Stages

  1. Pending Input: Awaiting user input for remediation requirements
  2. Processing: Remediation is being processed (occurs when no template/input is available)
  3. Ready: Remediation is complete and ready for review

Next Steps

After reviewing findings, you can create remediations, submit pull requests, or create issues based on the vulnerabilities detected.