Skip to main content

Customize score settings at a system level

Contrasts designates an application score, which can optionally depend on a library score. To customize score settings at a system level:

  1. Under system settings, select Score settings.

  2. Select an option for Overall score to determine how applications are scored in Contrast:

    • Default score is the average of your application's library score and its custom code score.

    • Custom code-only score ignores library score when calculating the overall application score. If you select this option, you can click to select specific languages, or apply it to all languages.

  3. Select an option for Library score to determine how libraries are scored in Contrast:

    • Default score uses an algorithm that includes vulnerabilities as well as the age and versioning of a library.

    • Vulnerability-only score bases scoring solely on vulnerabilities present in the library.

  4. Select the box next to Allow organization override so that an Organization Administrator can determine score settings at an organization level.

  5. Select Save.

Note

A RulesAdmin can configure policy settings in Policy Management so that any library in violation automatically receives a failing score (F). Once these settings are chosen, you'll see an alert message in Score Settings. Clicking the policy link in the alert navigates you to Library Policy, where administrators may view and revise these settings.