Reviewing Findings in Veracode Greenlight for Visual Studio

Publication: Veracode Greenlight
Edition date: 2022-11-29
Last publication: 2022-11-29T16:31:45.191867

After Veracode Greenlight for Visual Studio has scanned a file, a line of code with a finding has a color-coded underline and a corresponding severity icon at the left of the line of code. A line of code that complies with best practices and is protected against specific CWEs is underlined dark green, with a dark green V icon to the left of the line of code.

Veracode recommends that you dock the Veracode Greenlight Findings window below the Visual Studio code editor window. At the top of the Veracode Greenlight Findings window, you can see the number of discovered flaws, which are grouped by severity and best practice. The scan level indicates whether you ran the scan at the package level or file level. In this window you can:

  • Toggle the severity counts to filter the findings by severity grouping: Very High, High, Medium, Low, Very Low, or Info.
  • Use the filter icon in the CWE ID to filter by CWE.
  • Click the link in the Line column to locate the finding in the specific line of code in the file.
  • Click Details to show the finding details in a separate findings window.
  • Clear all findings by clicking the eraser icon in the top-right corner or pressing the keyboard shortcut Ctrl+Shift+\.
  • Hover over the finding severity icon at the left of a line of code for details about the finding.