We have edge cases where we create confusion (diff scan without the context, etc.)
Reasoning
What we’re trying to do here is “threat-modeling” for the AppSec team, mostly at the application level, considering rules directly tied to sensitive data are very limited.
Proposal
Remove dynamic severity level from CLI and Cloud, for findings
Create a “business risk score” using the App sensitive data detect that we can show on the Dashboard when we list all the Apps
Questions
What do we do with rules directly tied to sensitive data?
We keep them and the logic; considering it’s isolated to the code scan, it won’t pose any problems.