AI-powered vulnerability analysis in SourceCraft
For issues detected during static application security testing, AI triage is available, i.e., AI suggestions with risk and criticality assessment, false positive probability analysis, and possible fixes.
To run AI-powered vulnerability analysis:
- Open the SourceCraft home page.
- On the Home tab, navigate to Repositories and select a repository.
- Under Security on the repository page, go to Code scanning.
  Note: Similarly, you can view a general list of issues for all repositories in the organization.
- Select the issue you want to run AI-powered vulnerability analysis for.
- In the top-right corner, click Triage with AI.
  Wait for SourceCraft Security Bot's comment to appear.
See also
- Demo repository with vulnerabilities
- Security in SourceCraft
- Setting up a custom security analyzer in SourceCraft
- Static application security testing in SourceCraft
- Security dashboard in SourceCraft
- Analyzing vulnerabilities in SourceCraft repository dependencies
- Secret scanning in a SourceCraft repository