Working with Security Issues in the Error List Window

Fortify Security Assistant displays all the security issues detected as you write code and for open files in the Error List window's Warnings tab.

The following table describes the Fortify information provided for each issue.

Column	Description
Description	A brief description of the issue. Fortify Security Assistant prepends each detected issue with [Fortify].
Category	The Fortify category.
Suppression State	Indicates whether the issue has been suppressed (hidden). To change whether suppressed issues are visible or not, click the filter icon in the Suppression State column, and then select or clear the Suppressed check box.
Priority Order	A colored icon indicates the Fortify Priority Order used to categorize the severity of a vulnerability A weakness that allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. (same as issue). Critical High Medium Low

When you review the detected issues, you can do the following:

• To see a detailed description of an issue, right-click the issue, and then select View Vulnerability Details.

  The Vulnerability Details window opens and provides a detailed description of the issue, examples, and recommendations for how to fix the issue.

  

  Note: If the Vulnerability Details window is already open, click an issue to see the corresponding details in this window.

• To locate the line of code where the issue was found, double-click the issue.

  Tip: To change how the issues are grouped, right-click the Error List, and then select Grouping.