OWASP Security Vulnerabilities
Purpose
OWASP Security Vulnerabilities shows the number of security vulnerabilities found in the application code.
How metric helps
An application vulnerability is a system flaw or weakness in an application that could be exploited to compromise the security of the application. Once an attacker has found a flaw and determined how to access it, the attacker has the potential to exploit the application vulnerability to facilitate a cyber crime. Examples of security vulnerabilities include SQL injection, cross-site scripting (XSS), credential leakage, sensitive data exposure, and broken authentication and session management, among others. The metric makes it possible to find such weaknesses in the code early, while they are still cheap to fix.
How metric works
Chart overview
The chart plots the number of security vulnerabilities (Y axis) over time (X axis). Vulnerabilities are summed per vulnerability sub-type, and each sub-type appears as its own series in the chart legend. Clicking a sub-type in the legend shows or hides its series on the chart.
Calculation
The metric is calculated as the number of vulnerability issues in the code.
RAG (Red/Amber/Green) thresholds: Red > 20, Amber > 10, otherwise Green.
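The following Python snippet is an added illustration of the calculation and chart described above; it is not code from the metric's own implementation or from Sonar. The issue records, their field names (sub_type, opened, resolved) and the sampling dates are constructed for the example, and the rule that an issue counts on a given day if it was opened on or before that day and not yet resolved is an assumption, since the page only states that issues are counted and distributed over time.

```python
from collections import defaultdict
from datetime import date

# RAG thresholds from the page: Red > 20, Amber > 10, otherwise Green.
RED_THRESHOLD = 20
AMBER_THRESHOLD = 10


def rag_status(count: int) -> str:
    """Map a total vulnerability count to its RAG status."""
    if count > RED_THRESHOLD:
        return "Red"
    if count > AMBER_THRESHOLD:
        return "Amber"
    return "Green"


def _make(sub_type, opened, n, resolved=None):
    """Constructed sample data: n issue records of one sub-type (field names are assumptions)."""
    return [{"sub_type": sub_type, "opened": opened, "resolved": resolved} for _ in range(n)]


# Constructed sample: a few weeks of vulnerability issues, some of them later resolved.
SAMPLE_ISSUES = (
    _make("SQL injection", date(2024, 1, 1), 6, resolved=date(2024, 1, 15))
    + _make("SQL injection", date(2024, 1, 1), 2)
    + _make("Cross-site scripting (XSS)", date(2024, 1, 1), 4)
    + _make("Credential leakage", date(2024, 1, 8), 10, resolved=date(2024, 1, 15))
    + _make("Credential leakage", date(2024, 1, 8), 2)
)

# Constructed sampling points on the X axis (one per week).
SAMPLE_DAYS = [date(2024, 1, 1), date(2024, 1, 8), date(2024, 1, 15)]


def open_on(issue, day):
    """Assumed counting rule: an issue is counted on a day if opened on or before it and not yet resolved."""
    resolved = issue["resolved"]
    return issue["opened"] <= day and (resolved is None or resolved > day)


def series_by_sub_type(issues, days):
    """Legend series: for each sub-type, the open-issue count on each sampled day (the Y values)."""
    series = defaultdict(list)
    for sub_type in sorted({i["sub_type"] for i in issues}):
        for day in days:
            series[sub_type].append(sum(1 for i in issues if i["sub_type"] == sub_type and open_on(i, day)))
    return dict(series)


def total_series(issues, days):
    """Total open vulnerabilities per sampled day, i.e. the sum of all legend series."""
    return [sum(1 for i in issues if open_on(i, day)) for day in days]


def rag_series(issues, days):
    """RAG status per sampled day, derived from the totals."""
    return [rag_status(total) for total in total_series(issues, days)]


if __name__ == "__main__":
    # Print the chart data as a small table: one row per sub-type, then totals and RAG status.
    per_type = series_by_sub_type(SAMPLE_ISSUES, SAMPLE_DAYS)
    header = "sub-type".ljust(28) + "".join(d.isoformat().rjust(12) for d in SAMPLE_DAYS)
    print(header)
    for sub_type, counts in per_type.items():
        print(sub_type.ljust(28) + "".join(str(c).rjust(12) for c in counts))
    print("TOTAL".ljust(28) + "".join(str(c).rjust(12) for c in total_series(SAMPLE_ISSUES, SAMPLE_DAYS)))
    print("RAG".ljust(28) + "".join(s.rjust(12) for s in rag_series(SAMPLE_ISSUES, SAMPLE_DAYS)))
```

With the constructed data the totals move from 12 (Amber) to 24 (Red) and back to 8 (Green) as issues are opened and resolved, which is the behaviour a reader should expect from the chart and its thresholds; note that a count of exactly 20 is Amber and exactly 10 is Green because the thresholds are strict "greater than" comparisons.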
Data Source
Data for the metric can be collected from Sonar.