Xcalscan User Manual (Release 2.0.0)

Defect Details

11.1 Defect Summary

latest update: 2021-06-17

The defect summary includes the following information:

Item        Configuration
ID          4GB or more
            Please prepare extra free space to save the temporary file generated during the scanning process
FILE        4 Core or higher
LINE        The line number where the defect is located in the source code.
FUNCTION    The function that relates to the defect.
VARIABLE    The variable name that relates to the defect.


Defects are assigned levels for their severity, likelihood and costs based on the following principles.

Severity: How serious the consequences of the defect are.

Likelihood: How likely this defect is to cause security issues.

Remediation Cost: How expensive it is to fix the defect and comply with the rule.

Complexity: How complex it is to fix the defect.

Levels have been assigned to each metric and are shown as red when high, orange when medium, and blue when low.

Xcalscan also highlights the number of execution branches included in the defect, listed as the number of paths. A coloured indicator shows the complexity of the defect, from blue (low) through orange (medium) to red (high).

When there is only one execution path, Xcalscan allows you to drill down and view the details of the single path by clicking on “FULL PATH”. See section 11.5.

For more complex or multiple paths, Xcalscan allows you to drill down by clicking on “ALL PATHS” for a graphical view of the execution paths. See section 11.6.