Navigate to SAST code weakness issues

Cortex XSIAM 3.x Documentation

Product: Cortex XSIAM
Creation date: 2025-07-15
Last date published: 2026-06-11
Category: Administrator Guide

To access SAST code violation issues, under Modules, select Application Security > Issues > Code Weaknesses.

You can also view SAST issues in dedicated tabs in the Repositories and Business Applications asset side cards, or in the All Issues inventory by filtering by Detection Method = SAST Scanner.

The Code Weaknesses page displays a filterable, sortable table of all code weakness issues detected across monitored repositories.

Note

The default sort order is by Severity (descending). The default filter shows issues with a status of New and In Progress. Resolved issues are hidden by default.

The Code Weaknesses page contains two tabs: Issues and Findings.

  • Issues tab: Displays deduplicated, policy-evaluated code weakness issues. The Issues tab is the default view and the primary workspace for triage and remediation. Issues are created when a raw scanner finding matches a unified policy.

  • Findings tab: Displays all raw code weakness findings detected by the SAST scanner before policy evaluation. The Findings tab provides visibility into the complete scanner output, including findings that did not generate issues because no matching unified policy exists. Use the Findings tab to audit scanner coverage, review findings excluded by current policy configurations, and identify opportunities to create new policies for uncovered finding patterns. For more information, refer to Ingest third-party data sources.

    Note

    Findings in the Findings tab are raw scanner output and do not have resolution statuses, SLA tracking, or assignees. To track remediation for a specific finding, create or update a unified policy that matches the finding pattern to generate an actionable issue in the Issues tab.