Dev team would like clarity on what findings are important to Security team:
- Using GitHub, languages include Go, Python, etc.
- Hoping for some pointers to identify the categories that Sonar Security findings fall under. Aside from standard urgency (Critical / High / Med / Low), wondering if findings fall under other breakdowns such as OWASP Top 10, maybe MITRE ATT&CK vector, etc…
- Appreciate a pointer to where this is listed, or an answer that might not be published online.