Source Scan
The Source Scan scans both public and private repositories from Git and Bitbucket. The scanning process includes SAST (Static Application Security Testing), code license verification, secret detection, and component analysis.
Before starting with the scan, create a project.
To Add a Project
To add or update a new project with source scan configurations, click Add Project.
The Create Project details page is displayed. Enter the details for the following fields:

Name : Enter a name for the project.
Scan Type : The default type is Source Scan.
Platform : Select the platform where the project's code resides (GitHub, GitLab Server, Bitbucket, Bitbucket Server, Azure, Azure Server).
Account : Choose the account that has been integrated for the selected platform. If no account is available for the selected platform, click Add Account. The integration page is displayed, where you can add a new account.
Organization / Workspace : Choose the organization or workspace that the selected account has access to.
Scan Level : Select the level that needs to be scanned: either organization level or repository level.
Configuration : Set the configuration details, and schedule the auto scan time.
Repo / Project : Select the repo or project name for which the scan needs to be executed.
Branch : Select the branch name for which the scan needs to be executed.
Branch Pattern : Select the branch pattern for which the scan needs to be executed.
Scan Upto : Select the time limit for which the scan needs to be executed.
Schedule Auto Scan : Select the time range during which the scan needs to be rerun automatically.
Click Save.
The project gets added for scanning and the following overall scanning results are displayed.
Repos Registered
Total Branches
Total Scans
Total Projects
Auto Scan Enabled Repos
The panel at the bottom displays the project details. Expand a project to view its complete details.
To edit the configuration details of the project, click the Edit Configuration button.
Click the View option in the Action button to view the SAST and SCA scan results of the project.
Click the Download button to download the scan results.