By the end of this process, you'll complete the following tasks.
Filter and review issues
Triage issues
Monitor tests and get test results
Navigate to Tests in the left-hand navigation menu.
If numerous tests are showing, you might need to filter to see your test.
First try filtering on test status, for new tests.
Depending on the size of your project, a test may take a number of hours
to finish running. When the test is complete the progress bar shows 100
percent and a green circle enclosing an arrow appears to the right of
the progress bar on the Tests page.
To view test results, select the branch name in a completed test's row.
Filter and review the issues
You can get to the issues in either of the following ways:
Go to Portfolio, select an application, select a project, and open the Issues tab.
Note: Use the branch pulldown (near the top of the page, next to the project name) to view test results for different branches in your project.
Go to Tests and select the branch name in a completed test's row.
Click the filter icon.
The filters panel opens.
Expand filter categories and use the checkboxes to apply filters.
Try filtering the results according to issue type, severity, and triage status. (For example you might want to see issues that are not triaged, or all high severity issues that are not triaged.)
After you apply a filter, select an issue in the list to open the Issue Details tab.
Here, you can see:
A description of the issue and its local effects (that is, the risk it poses when present in your project)
A link to the Common Weakness Enumeration (CWE™) page, if
available
A link to training resources in Secure Code Warrior, if available (and after the Secure Code Warrior integration is enabled by your Organization Administrator)
A link to the Common Vulnerabilities and Exposures (CVE®) page, if available
The Black Duck® Security Advisory (BDSA) code for the issue, if available
The name of the tool that discovered the issue
The time of the test that discovered the issue
A list of branches the issue is also detected in
The Contributing Code Events tab appears when you select an issue captured by a SAST test. Here, you can see:
The location in your code where the issue is found