Information Leak Triage

Sometimes it's not a concern when an app leaks email addresses, URLs, and other data (for example, when the data is already publicly available in an open-source project). You can triage these results so that Black Duck Binary Analysis will ignore them in future scans of your code. This is useful when the package is a large, open-source application containing thousands of such items.

Workflow

  1. On your group page, select the application.
  2. Select the Information leakage tab. For large scans, it may be a few moments before results are available.
  3. Select the relevant file from the list.
  4. Select the pencil icon to reveal information leak triage controls.

    It can be found at the right-hand margin, on the same line as the file containing the leaked information.

  5. Choose which items to triage by selecting the checkbox next to the data.
  6. Select the appropriate Apply button. There's one at the end of the URL list, another at the end of the IP address list, and so on.
  7. In the Infoleak triage dialog, select values for Scope and Rationale. Optionally, you may enter text in the Description field.
  8. To apply the values, select Save.

The triaged results will be hidden from future scans, companywide.

Existing infoleak triages are shown in the table's triage column, marked with the info icon. Clicking the view text opens the details of that specific infoleak triage.

Undo Your Triage Decisions

To un-triage data after you have triaged it, uncheck the boxes, using the same process you used to triage them.

  1. On your group page, select the application.
  2. Select the Information leakage tab.
  3. Select the Show triaged checkbox.

    When you select a file, the triaged items will be visible, and highlighted with light blue.

  4. Select the relevant file from the list.
  5. Select the pencil icon to reveal information leak triage controls.

    It can be found at the right-hand margin, on the same line as the file containing the leaked information.

  6. Choose which highlighted items to un-triage by de-selecting the checkbox next to the data.

  7. Select the appropriate Apply button. There's one at the end of the URL list, another at the end of the IP address list, and so on.

When you triage or un-triage information leaks, the results apply companywide.

Filtering

You can also use the search bar on the information leakage page to filter the results. For example, if you search for your company's name, you'll find any emails, URLs, or other items containing the text you searched for. You can triage them one by one, or if you're sure you want to ignore all the results you found, you can select the Select All checkbox.