View session metadata

Use session metadata to pinpoint the source of vulnerabilities in your application. When you add the necessary configuration property to your agent file, the agent reports the information along with the rest of your standard vulnerability data to Contrast.

The Contrast web interface displays up to 10 values for each setting configured in the agent configuration file. This limit ensures that the Contrast web interface can display vulnerability and sink group data correctly.

Steps
  1. Select the Applications in the header, then select the name of the application you want to view.

  2. Select the Vulnerabilities tab to see a list of vulnerabilities with data for each. The data for each vulnerability is displayed in the grid and the timeline.

  3. Select the View timeline icon at the top of the grid to view these vulnerabilities in a timeline. Select  Severity or Discovery to change the view. Hover over the trend lines in the grid for a breakdown of the data at that point in time.

  4. Use the View by menu above the timeline to filter the data by the properties that you included in your agent configuration. This updates the values shown in the Seen by column in the grid. Use the filter for the grid column to refine the results.

    To see vulnerabilities that aren't associated with any session metadata, select Disassociated in the View by menu. The Seen by column will then disappear, as the agent hasn't reported any metadata for these vulnerabilities.

    Note

    Session metadata must be configured for the  View by menu and Seen by column to appear.