The findings available under this tab provide some useful options for teams. To set these findings, access the Workspace you wish to configure, then click on the Advanced sub-tab of the Workspace navigation.
Code Quality
This setting (disabled by default) will run a Salesforce-specific package of PMD's Code Quality scanner. These are not security-related findings and will appear in the Scan results as "Quality" under the Category field. This can be useful when your team needs to manage its workload across both a Security and a Code Quality dimension, unifying findings from both into a single report.
Track Findings per Org
This setting (disabled by default) overrides an important feature that DigitSec offers customers with robust pipelines.
A security finding is considered unique based on factors such as the filename and the function stack. In environments where the same code base is used in multiple workspaces, finding records are persistent across workspaces. That way, status assignments, comments, or tags can be shared across workspaces at different points in the pipeline.
Turning this setting on effectively adds the Workspace ID as a component of the finding's uniqueness hash. Even if the workspace is scanning the same code as other workspaces, the findings and finding metadata (user assignments, tags, comments, status assignments) will be restricted to this workspace.
Enabling this feature can be useful for tracking vulnerabilities across different workspaces or when it is important to restrict access to specific workspaces and teams.
New Issues Scan
This setting (disabled by default) activates a filter for subsequent scans. Our scanning engine will still run all the scans specified in scan settings, but the Issues screen will only display Issues that were found for the first time with that scan. This can be very useful to teams that are tackling legacy issues while they are also deploying new code. Note that it is possible to view a Scan Issues report and switch this filter off to see all of the issues at once. The benefit of this control in Advanced Scan Settings is that it is in place at the time the scan is initiated.
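To make the "Track Findings per Org" and "New Issues Scan" behaviours concrete, here is an added illustrative model (not DigitSec's own code): a finding key built from the rule, filename and function stack, optionally folded together with the Workspace ID, and a store that records when each key was first seen so a scan can be filtered to first-time issues. The exact hash inputs and rule names are assumptions; the page only states that filename and function stack contribute to uniqueness.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed model of finding identity. The real uniqueness hash is not
# documented beyond "filename and function stack"; the canonical string
# below and the rule names used in examples are assumptions.

@dataclass(frozen=True)
class Finding:
    rule: str          # hypothetical rule name, e.g. "SOQL Injection"
    filename: str      # file the finding was reported in
    call_stack: tuple  # function stack as reported by the scanner

def finding_key(f: Finding, workspace_id: str, track_per_org: bool) -> str:
    """Uniqueness hash for a finding.

    With track_per_org=False, two workspaces scanning the same code produce
    the same key, so status, comments and tags are shared between them.
    With track_per_org=True the Workspace ID is folded into the hash and
    each workspace keeps its own record.
    """
    parts = [f.rule, f.filename, "|".join(f.call_stack)]
    if track_per_org:
        parts.append(workspace_id)
    return hashlib.sha256("\x1f".join(parts).encode()).hexdigest()

@dataclass
class FindingRecord:
    status: str = "Open"
    comments: list = field(default_factory=list)
    first_seen_scan: str = ""   # scan that introduced this key

class FindingStore:
    """Environment-wide store of finding records keyed by uniqueness hash."""
    def __init__(self, track_per_org: bool):
        self.track_per_org = track_per_org
        self.records: dict[str, FindingRecord] = {}

    def ingest(self, scan_id, workspace_id, findings, new_issues_only=False):
        """Record a scan's findings; return the keys the Issues screen shows.

        new_issues_only models the "New Issues Scan" filter: every finding is
        still recorded, but only keys first seen in this scan are returned.
        """
        shown = []
        for f in findings:
            key = finding_key(f, workspace_id, self.track_per_org)
            is_new = key not in self.records
            if is_new:
                self.records[key] = FindingRecord(first_seen_scan=scan_id)
            if is_new or not new_issues_only:
                shown.append(key)
        return shown
```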
These three settings above can also be found at the Environment level under Configure --> Advanced. At the environment level, these are the defaults that will be in place for each newly created Workspace. These settings do not override workspace settings.
These two settings below exist only at the Environment level. They are designed as administrative tools to enforce a temporary change in system behavior or to enforce a workflow policy.
User Notifications
When a user is assigned to an Issue, they receive an email notification message. When changes are made to that Issue, such as a Status or Severity change, the user receives an email notification message. Users can control whether they receive these notifications by managing their Profile Settings. This setting is enabled by default, which is the preferred configuration.
If an organization plans to make a substantial number of changes to its Issues via the API, it may be valuable to disable these messages to avoid a deluge of email. When this setting is disabled, the system halts all issue-related notifications.
This configuration control does not impact Password Reset or Authentication Verification messages.
Required Comments
On an Environment wide basis, Admins can activate this configuration control to enforce a policy that each time an Issue status is changed, the acting user is required to enter a comment. This can benefit teams that require a robust audit of their progress on remediating issues. The required comment is added to the Issue history.