author | MikeBirnstiehl <michael.birnstiehl@sonarsource.com> | 2019-06-27 13:57:12 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2019-06-28 08:45:58 +0200 |
commit | 41775a1b983fff935264484bdef27e693f896ac1 (patch) | |
tree | fd62e29679498973483723857dc184bcce0b7856 /server/sonar-docs/src | |
parent | 3367f7fe7e9697343fdfa9a7dc2d1af0c2248805 (diff) | |
DOCS update Security HS wording
Diffstat (limited to 'server/sonar-docs/src')
-rw-r--r-- | server/sonar-docs/src/pages/user-guide/security-hotspots.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/server/sonar-docs/src/pages/user-guide/security-hotspots.md b/server/sonar-docs/src/pages/user-guide/security-hotspots.md index 263138af573..29bfb487368 100644 --- a/server/sonar-docs/src/pages/user-guide/security-hotspots.md +++ b/server/sonar-docs/src/pages/user-guide/security-hotspots.md 
@@ -5,14 +5,14 @@ url: /user-guide/security-hotspots/ ## What is a Security Hotspot? -Unlike Vulnerabilities, Security Hotspots aren't necessarily issues that are open to attack. Instead, Security Hotspots highlight security-sensitive pieces of code that need to be manually reviewed. Upon review, you might be find a Vulnerability at a Security Hotspot location that needs to be fixed or that there is no threat. +Unlike Vulnerabilities, Security Hotspots aren't necessarily issues that are open to attack. Instead, Security Hotspots highlight security-sensitive pieces of code that need to be manually reviewed. Upon review, you'll either find a Vulnerability that needs to be fixed or that there is no threat. ## Why are Security Hotspots Important? Security Hotspots help focus the efforts of developers who are manually checking security-sensitive code. Reviewing Security Hotspots allows you to: * **Fix security issues** – Reviewing Security Hotspots gives you the opportunity to detect vulnerabilities and ensure issues are fixed before merging pull requests or releasing your branch. -* **Learn about security** – {instance} explains why your code was identified as a Security Hotspot and the link between your Security Hotspots and well-known attacks or weaknesses such as SQL Injection, Weak Cryptography, or Authentication. Knowing this makes you aware of when you're working on security-sensitive code and helps you avoid creating Vulnerabilities. +* **Learn about security** – {instance} explains why your code was identified as a Security Hotspot and the link between your Security Hotspots and well-known attacks or weaknesses such as SQL Injection, Weak Cryptography, or Authentication. This helps you to know when you're working on security-sensitive code and to avoid creating Vulnerabilities. ## Security Hotspot Lifecycle Security Hotspots have a dedicated lifecycle and must be reviewed by someone with the "Administer Security Hotspots" permission. |
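Review bot: In the reworded "What is a Security Hotspot?" paragraph, the added sentence "you'll either find a Vulnerability that needs to be fixed or that there is no threat" is not parallel: "find" takes a noun phrase on one side of "or" and a "that" clause on the other. Something like "you'll either find a Vulnerability that needs to be fixed or determine that there is no threat" reads cleanly and keeps the two review outcomes distinct. In the "Learn about security" bullet, the list "SQL Injection, Weak Cryptography, or Authentication" is carried unchanged into the new line, and it presents Authentication as an attack or weakness. Since this line is being reworded anyway, consider naming the weakness itself rather than the control.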