Skip to main content

View scan details

Scan details include:

  • A summary of the scan results.

  • Scan coverage details.

Before you begin

  • Identify the scan project that contains the scan you want to view.

Steps

  1. In the header, select Scans.

  2. Select a scan project.

  3. To view coverage details, under Scan history, select the link in the Label column for a specific scan or select View in the Coverage column.

    Images shows the scan summary and the tabs that contain additional details

    • At the top of the list, view a summary of scan details.

      The name of the person who ran the scan is displayed at the top of the summary.

      Note

      The ability to view the name of the person who ran the scan is available for scan projects created after June 12, 2023.

    • Under Vulnerabilities, view the severity, vulnerability name, and status of the vulnerability.

      Contrast has high confidence that the vulnerabilities in this list require remediation.

    • Under Other Findings, view additional vulnerabilities that the scan found.

      Due to the assumptions the scan made when reporting these vulnerabilities, Contrast has lower confidence that the vulnerabilities in this list require remediation

  4. To view additional details about vulnerabilities, select the Vulnerabilities tab at the top of the page.

    Image shows the Vulnerabilities list for a scan.

    • To filter the view by severity, vulnerability, language, CWE, or status, select the Filter icon (icon-filter.svg) next to the column heading and select available options.

      • In addition to filtering by severity, you can also edit the severity.

      • The Vulnerability column shows the name of the vulnerability and where in the code it was found.

      • The Language column shows the language of the code where the scan found the vulnerability.

      • The CWE column shows the number of the CWE that maps to the rule for the vulnerability. For example, if CWE-89 maps to a rule for a specific vulnerability, the CWE column displays 89.

        If no CWE exists for a specific vulnerability, the column is blank.

      • The Status column shows the status of the vulnerability.

        Scan statuses provides descriptions of each vulnerability status.

    • To download the vulnerability data to a CSV file, select the Download icon (icon-download.svg) at the top of the vulnerability list.

  5. To view the rules that the scan used, select the Policy tab at the top of the page.

In this section: