Help Center/ CodeArts Governance/ FAQs/ Binary Software Composition Analysis (SCA)/ How Do I Handle Security Configuration Issues?
Updated on 2025-06-05 GMT+08:00

How Do I Handle Security Configuration Issues?

CodeArts Governance checks whether the security configuration items are compliant. Specifically, it detects the following issues in the uploaded software packages or firmware.
  • Sensitive information, for example, key files, certificate files, source code files, and debugging tools
  • Problems in the user and group configurations, hard-coded credentials, and authorization and access control. Note that some check items apply to operation systems (OSs) only.

Handle the security configuration issues according to the following instructions.

Export the PDF report and search for security configuration issues. The result of each check item can be pass, failed, or NA (for software packages or firmware that does not include OSs).

The report includes the following items:

  • Check items, or, the check methods
  • Files that have issues, if any
  • Recommended fix suggestions
  • Description of check items