Xcalscan User Manual (Release 2.0.0)

What is Xcalscan?

1.4 A Standard Code Review Process with DSR

latest update: 2021-06-15

We recommend that development teams perform regular code review using static analysis. This should include:

Full analysis – Manual Code Review using Xcalscan

  • A full scan review, performed ad-hoc, daily or weekly.
  • The security or team lead views the results in the Web UI.
  • Code can be analysed by the security team or project lead at any time from the Web UI, and vulnerabilities can be assigned to developers.
  • Reports can be generated in PDF or CSV.

Incremental analysis using Xcalscan DSR Feature

  • Daily scan as developers check in their code.
  • Use of Jenkins to trigger the scan. A DSR result/report notification will be sent to the security team or project lead.
  • Results can be analysed in the Web UI. Vulnerabilities can be assigned for remediation through the Xcalscan Web UI.
  • This provides a clear view of incremental changes, including reporting of new defects and visibility into changes in threat levels.
  • Reports are generated in PDF or CSV for project management and reported to stakeholders.