Home
User Guide
Information that helps you to make the most out of Seeker for securing your applications
Working with Projects
Seeker uses projects to organize information and workflows.
View and Explore Code Risk
In the Code Risk dashboard, view the application risk reported by rapid static scans of the source code.

User Guide
Information that helps you to make the most out of Seeker for securing your applications
- Working with Vulnerabilities
  Seeker provides a rich set of tools to explore and handle security vulnerabilities detected in your applications.
- Working with Projects
  Seeker uses projects to organize information and workflows.
  - View Application Security for Regular Projects
    The Application Security dashboard provides an overview of the vulnerabilities detected in a regular project, the application's compliance with the security standards, and the results of third-party component analysis.
  - View Application Security for Composite Projects
    The Application Security dashboard provides an aggregated overview of the vulnerabilities detected in a composite project, which is convenient for assessing the security status of the whole application.
  - View Compliance Status
    In the Compliance dashboard, view the details of a project's compliance with the assigned policy and the major security standards: OWASP Top 10 2021, 2017, 2013; OWASP Top 10 API Security Risks 2023, 2019; PCI-DSS v3.2, CWE/SANS 2011, GDPR, CAPEC.
  - View Component Risk
    In the Component Risk dashboard, view the application risk reported by Software Composition Analysis (SCA), which scans for vulnerabilities the third-party and open-source components used in your application.
  - View and Explore Inbound Endpoint Risk
    In the Endpoint Risk dashboard, view and explore a distribution of application risk by inbound endpoints.
  - View and Explore Outbound Endpoint Risk
    In the Endpoint Risk dashboard, view and explore an application risk distribution by outbound endpoints.
  - View and Explore Application APIs
    Seeker enables you to view and explore your application's API reference that is auto-generated from the API endpoints collected by the Agent for active inspection, or from a manually uploaded API specification file.
  - View and Explore Code Risk
    In the Code Risk dashboard, view the application risk reported by rapid static scans of the source code.
  - View and Explore Data Flow Map
    In the Data Flow Map dashboard, explore your application's real-time interactions with other resources, such as databases and internal or external services.
- Working with Recommendations
  Seeker offers you various personalized recommendations to optimize your workflows and application testing by fine-tuning your system configuration.
- Configuring User Settings
  Personalize your experience with Seeker by configuring your user settings.

View and Explore Code Risk

In the Code Risk dashboard, view the application risk reported by rapid static scans of the source code.

Prerequisites: The Rapid Scan Static powered by the Sigma engine feature is enabled for your project. For instructions, see Configure Rapid Scan Static.

Note: Currently, this feature is supported only for Node.js applications.

The dashboard

In the main menu, click

(Projects), choose a project that you want to view, and click Code Risk.

The top banner displays the detection metrics for the code files: the total number of code files with detected vulnerabilities and other issues, the numbers of vulnerable code files and detected issues.

The Code Risk Summary bar diagram shows the distribution of detected vulnerabilities by severity.

Actions

Here is what you can see and do in this dashboard:

Action	Instruction
Set version filter	Select which project versions to include. Use text search to find versions other than the latest.
Set severity filter	Select which severity levels to include.
Set code path filter	Enter a path by which to filter the code files.
Refresh	Click the Refresh to refresh the list of code files.
Reset	Click the Reset to delete the current results. A new scan will occur on application restart.
Sort by a column	Click any column heading to sort the list by that column.
View details	Click any code file in the list to view and explore the detections in that file. All detected vulnerabilities or issues are accompanied by detailed explanations and remediation advices.