View your Violating Findings
Overview
In the Mend Platform, Violating Findings are the result of Workflows designed to enforce specific conditions during the development process. When a scan matches the conditions defined in a workflow whose Workflow Action is set to create a policy violation, a policy violation is created.
By analyzing the count and findings of these policy violations, you can better assess which issues require immediate attention, ensuring that critical vulnerabilities are addressed promptly and efficiently.
This article will guide you through where and how to view the violating findings, helping you measure the impact of policy enforcement and optimize your required response actions.
Prerequisites
Role-based Access to Violations
The Violations view displays findings triggered by both organization-level and application-level workflows.
Organization Admins can see all violations across the organization, regardless of where the triggering workflow originated.
Application Admins can see violations related to workflows within the applications they manage, including:
Violations from application-specific workflows they created or edited.
Violations from organization-level workflows, which are visible but cannot be edited.
For more about user roles and their permissions, see the Manage Roles in the Mend Platform article.
Getting it done
Note: Before performing scans, create an Automation Workflow that has the required conditions and an action that creates a policy violation.
View your Violating Findings in the Mend Platform
You can search for the Applications/Projects containing scans that have met the conditions defined in the Automation Workflow.
Navigate to the Applications/Projects general view in the Mend Platform.
In the main table, the following column is available:
Violated Findings - The total number of findings matching the policy violation and the Priority of each finding.

Clicking the number of Violated Findings for an Application/Project takes you to the Violations table view, where you can review the list of Findings, Violations, Priority (Max), SLA (Min), Workflows, Engines, and the Origin.

Note: The Violations table view can be accessed directly from a specific Application or Project under the General section in the left-side navigation menu.

View your Violating Findings in the Mend CLI
Once a scan through the Mend CLI is completed and an Automation Workflow has triggered a policy violation, you’ll see the violating findings as part of the Mend CLI console results.
If the Mend CLI scan scope falls under a workflow you created in the Mend Platform, the Mend CLI prints any policy violations it finds in the console results. The information is separated into 2 tables:
The Violating Findings Table

The table lists the top 50 violated findings created following the scan.
The table will include the following columns:
Finding - The vulnerability finding
Origin - The affected library
Violations - The number of violations created following the finding
Workflows - The names of the Automation Workflows which triggered the violation
The Violating Findings Table

The table lists all the Automation Workflows that triggered policy violations.
| Field | Description |
|---|---|
| | The name of the workflow condition that violated the policy. |
| | The type of condition that was violated. The available values are listed in our Workflow configuration parameters documentation. |
Note: The tables will not appear if no violations occurred.
View your Violating Findings in the Mend Developer Platform
Once a scan through the Mend Developer Platform is completed and an Automation Workflow has triggered a policy violation, you’ll see the violating findings as part of the Mend Developer Platform / Repo Integrations scan findings.
If a scan scope falls under a workflow you created in the Mend Platform, the Mend Security Check (SCA)/Mend Code Security Check (SAST) prints any policy violations it finds in the console results.
