New feature — Ability to compare any two code analysis scans

New feature — Ability to compare results of any two code analysis scans

ShiftLeft Next Generation Static Code Analysis now allows you to compare any two versions of your code scans. By using the compare scans & trends feature, it is easy to determine what has changed between two versions.

Photo by Chris Ried on Unsplash

Why it matters?

Developers are always writing code, implementing fixes with a specific context. Their code should not break existing unit tests, integration tests and should not introduce new bugs.

They expect the same from their code analysis tools — Inform if they have

  1. Introduced a new vulnerability [NEW]
  2. Reintroduced an already fixed vulnerability [REGRESSION]

and if they can have a list of all vulnerabilities that were existing in a prior build as an outcome of their current work [FIXED]

With ShiftLeft NG-SAST’s latest “compare scans” feature achieves all of these use cases and much more.

How the feature works?

Prerequisite: The selected application should have more than one scans.

For any application with multiple scans, the application summary view will default to the most recent version. In the new “Findings Trends” section, you will be able to select another version to compare it to.

Note: You can only compare a version to a previous version. Only versions performed before the target version will be displayed.

The “Findings Trends” section will give you a summary of the differences between the versions. You will see:

Select a comparison version from the dropdown
  • Total Findings — The total number of new, common, and regression findings in the current version.
  • New — Findings that are in the current version, but not in the selected comparison version.
  • Common — Findings that are in both the current version and selected comparison version.
  • Regressions — Findings that are in the current version that were fixed in a version prior to the selected comparison version.
  • Fixed — Findings that are not in the current version that were present in the selected comparison version

Note: Findings include vulnerabilities, insights, and secrets.

Compare Scans View

Clicking on a summary total — or clicking on the “Compare Scans” icon in the sidebar, will open up a detailed view of the findings. From here you can switch the current and selected comparison versions and perform the same tasks you are accustomed to in the other views: View Details, Assign, Fix, Ignore.

Perform actions on the comparison results

API Update

This release also updates the ShiftLeft API to allow API users to pass in source and diff query parameters to the List App Findings endpoint.

  • source — the version to compare the current version to (e.g. scan.3)
  • diff — the finding status to return (e.g. fixed, new, etc.)

ShiftLeft is thrilled to provide developers and organizations with another great feature to help with application security! For a free trial of ShiftLeft Next Generation Code Analysis, click here


New feature — Ability to compare any two code analysis scans was originally published in ShiftLeft Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from ShiftLeft Blog - Medium authored by Vincent Falcone. Read the original post at: https://blog.shiftleft.io/new-feature-ability-to-compare-any-two-code-analysis-scans-58f3a1e613ac?source=rss----86a4f941c7da---4