The flaw sources report quickly identifies main sources of untrusted data in an application and locates all the flaws that share a flaw source.
Being able to identify multiple flaws that you can fix with a single code change significantly reduces the time developers spend on finding and fixing or mitigating vulnerabilities in software code. If a source is secured by design, developers can report all the flaws stemming from the safe source with a single mitigation action.
- The function that contains the flaw
- The location in the source file of that function
- The severities of the downstream flaws
- The CWE with which each flaw is associated