Analyzing security vulnerability search results

A match to the Rule Analyzer Regular Expressions rule does not guarantee that the result constitutes a vulnerability in the code. You must review the results to determine whether any matches are false positives.

A generated report with vulnerabilities consists of two sections:
  • Search Statistics – A list of selected rule types with the number of searched rules and the number of rules with the selected expression.
  • A more detailed list of records.

To examine details of the report, complete the following steps.

  1. Click the Plus icon by the rule name to display a list of rules of that type that have more than zero matches.
  2. Click a ruleset name to see more details for that rule type.
  3. Click << Back to return to the full report details.