Filter vulnerabilities with Visual Studio Code

With the Visual Studio Code plugin, you can filter vulnerabilities on multiple vulnerability and session metadata fields at the same time. These include:

  • Vulnerability metadata:

    • Application name

    • Status (such as Reported, Not a Problem, Remediated)

    • Environment (development, test, or production)

    • Tags (custom labels applied to vulnerabilities)

    • Detection date (specifically, First and Last detected)

  • Session metadata:

    • Committer

    • Commit hash

    • Branch name

    • Git tag

    • Repository

    • Test run

    • Version

    • Build number

For example, you can choose to display only those vulnerabilities found on a specific feature branch (Branch Name) and committed directly by you (Committer), filtering out vulnerabilities introduced by a different developer on a separate feature branch.

Someone else can choose to filter vulnerabilities so that they only see results from a specific build (Build Number) that was blocked by their security team. They can immediately pinpoint the subset of vulnerabilities that need to be resolved before deploying the merged feature branch.

To filter vulnerabilities:

  1. Click the Filter icon in the toolbar. Choose any field you want to filter.

    For example, Vulnerability metadata fields offer predefined values to choose from. You can filter vulnerabilities so that results show only those found in the Development environment.

  2. To save and apply filters, click the back arrow and press Enter. The plugin reloads the Contrast view to display only vulnerabilities that match your filtering criteria.

  3. To clear the selected filters, choose Clear filters and press Enter.