Fix vulnerabilities

When a vulnerability arises, you need to assess the risk according to your particular security needs. If you decide to fix this vulnerability:

  1. Learn more about the particular vulnerability by selecting the vulnerability name to open the details page. Then select the How to fix tab to see suggested steps to resolve the issue.

  2. Fix the vulnerability as you see fit.

  3. Verify that the vulnerability is fixed. There are three ways to do this:

    • Replay the request: If the issue is remediated, you can replay the HTTP request. Select the HTTP Info tab to see if the issue is fixed. If it isn't fixed, the issue reappears with a status of Reported.

    • Check build number: For each application, you can assign a build version number. Use session metadata to learn more about a vulnerability using the build number.

      Add this system property to the Java command that starts the application with the -javaagent option, replacing the placeholder with your build number:

      -Dcontrast.override.appversion=<build-number>

      If you set a build number at startup, you can filter on it to verify whether the issue still exists for this build version: click the Advanced link and use the Build Number dropdown.

    • Check by time of unit tests: You can also filter by the time at which your unit tests were run. Set a date range to view your vulnerabilities in the Set Date Range input field above the vulnerabilities grid.
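
One way to apply the build-number check from a CI pipeline, as an added example that is not from the vendor documentation: a launcher that resolves a build version, rejects empty or malformed values, and passes the result in -Dcontrast.override.appversion. The jar paths and the BUILD_NUMBER and GIT_COMMIT variables are assumptions about the environment.

```shell
#!/bin/sh
# Added example, not vendor code. Assumptions: the jar paths below and the
# BUILD_NUMBER / GIT_COMMIT variables exported by the CI system.
CONTRAST_JAR="${CONTRAST_JAR:-/opt/contrast/contrast.jar}"  # assumed path
APP_JAR="${APP_JAR:-app.jar}"                               # assumed path

# Resolve the build version: explicit argument first, then the CI build
# number, then the first 12 characters of the commit hash.
# Returns 1 when nothing usable is set, so unlabelled runs never start.
resolve_build_version() {
    version="${1:-${BUILD_NUMBER:-}}"
    if [ -z "$version" ] && [ -n "${GIT_COMMIT:-}" ]; then
        version=$(printf '%s' "$GIT_COMMIT" | cut -c1-12)
    fi
    # Allow only letters, digits, dot, underscore and hyphen.
    case "$version" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    printf '%s\n' "$version"
}

# Print the JVM system property that carries the build version.
version_flag() {
    v=$(resolve_build_version "${1:-}") || return 1
    printf '%s\n' "-Dcontrast.override.appversion=$v"
}

# Usage: ./launch.sh --run [build-version]
if [ "${1:-}" = "--run" ]; then
    flag=$(version_flag "${2:-}") || {
        echo "no usable build version; refusing to start" >&2
        exit 1
    }
    exec java "-javaagent:$CONTRAST_JAR" "$flag" -jar "$APP_JAR"
fi
```

Refusing to start without a version keeps every session labelled, so the Build Number filter can separate results from before and after the fix.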