Clarity User Guide April 2017 Version 0.5 Table of Contents 1.0 GENERAL INFORMATION....................................................................................................... 4 1.1 Service Overview............................................................................................................................... 4 1.2 Contents of a User Guide .................................................................................................................. 4 2.0 SYSTEM SUMMARY ............................................................................................................... 6 2.1 System Configuration ........................................................................................................................ 6 2.2 User Access ....................................................................................................................................... 6 3.0 GETTING STARTED................................................................................................................. 8 3.1 Before Logging In .............................................................................................................................. 8 3.1.1 Getting Invited ........................................................................................................................... 8 3.1.2 Setting a Password .................................................................................................................... 8 3.2 Logging In .......................................................................................................................................... 8 3.3 Top Menu .......................................................................................................................................... 9 3.3.1 Dashboard ............................................................................................................................... 10 3.3.2 Settings .................................................................................................................................... 10 3.3.3 Help .......................................................................................................................................... 10 4.0 START SCANNING ................................................................................................................ 12 4.1 Upload a File ................................................................................................................................... 12 4.2 Scan a File........................................................................................................................................ 12 5.0 REVIEW SCAN RESULTS ....................................................................................................... 15 5.1 Type of Result Pages ....................................................................................................................... 15 5.2 Scan Results .................................................................................................................................... 15 5.2.1 Description of Columns ............................................................................................................ 15 5.3 Scan Results Summary View ........................................................................................................... 17 5.3.1 Layout of Scan Results Summary View .................................................................................... 17 5.3.2 Description of Columns ............................................................................................................ 18 5.3.3 Security Risks Information ....................................................................................................... 18 5.3.4 Litigator Code Information ...................................................................................................... 19 5.4 Scan Results Detail View ................................................................................................................. 20 5.4.1 Layout of Scan Results Detail View .......................................................................................... 20 5.4.2 Navigation (Left Pane) ............................................................................................................. 23 5.4.3 Tabs (Right Pane) ..................................................................................................................... 24 5.4.4 Overview Tab ........................................................................................................................... 25 5.4.5 Unique Strings Tab ................................................................................................................... 26 5.4.6 Assigned Strings Tab ................................................................................................................ 27 5.4.7 Unmatched Strings Tab ........................................................................................................... 27 5.4.8 Variable Names Tab................................................................................................................. 27 5.4.9 Function Names Tab ................................................................................................................ 27 5.4.10 ELF Analysis Tab ..................................................................................................................... 27 6.0 OPEN ARCHIVED RESULTS ................................................................................................... 29 6.1 Unarchive a Result .......................................................................................................................... 29 6.2 Delete a Result ................................................................................................................................ 30 7.0 ADMINISTRATION ............................................................................................................... 33 7.1 Managing Users .............................................................................................................................. 33 1 7.1.1 Add a User ............................................................................................................................... 33 7.1.2 Reset a Password ..................................................................................................................... 33 7.1.3 Delete a User ........................................................................................................................... 33 2 1.0 GENERAL INFORMATION 3 1.0 GENERAL INFORMATION 1.1 Service Overview Insignary Clarity is a solution to identify security and compliance issues through binary code analysis without requiring a source code. Clarity has two options of its service based on customer’s need; On-Premises and Cloud (SaaS). Clarity delivers “clear” information to resolve frequently encountered real-world challenges rather than few academic-cases. 1.2 Contents of a User Guide This user guide consists of five sections: Getting Started, Start Scanning, Review Scan Results, Open Archived Results, and Administration. Getting Started section lists out preparation steps to use Clarity. Start Scanning section describes how to upload and scan a binary using Clarity. Review Scan Results section has information on how to interpret the output of the scan results. Open Archived Results section has information on how to back up and restore the scanned results. Administration Section has information on how to manage users, database, and license. 4 2.0 SYSTEM SUMMARY 5 2.0 SYSTEM SUMMARY 2.1 System Configuration Clarity operates on web browsers such as Firebox, Google Chrome, and Internet Explorer. As of April 2017, Clarity is compatible with the following versions of web browsers: Chrome version 56 and up Firefox version 51 and up Safari version 10 and up Internet Explorer version 11 and up 2.2 User Access Site Admin can grant access to users, and only those invited users will have access to Clarity. 6 3.0 GETTING STARTED 7 3.0 GETTING STARTED 3.1 Before Logging In 3.1.1 Getting Invited Only registered users can access Clarity. If you did not receive an invitation with an activation link, please contact your site administrator. 3.1.2 Setting a Password Once you receive an invitation email, please click the activation link to set your password as shown below. You may want to check spam folder if you do not see it in your inbox. Password is case-sensitive Please set your password and click “Activate User” button. 3.2 Logging In Please open a web browser to visit https://clarity.insignary.com. Please login by entering your email address and password. 8 Password is case-sensitive 3.3 Top Menu Clarity has three main menus, and these are displayed at top right corner: Dashboard, Settings, and Help. 9 3.3.1 Dashboard The first menu, dashboard, has three major functions: Start Scanning, Review Scan Results, and Open Archived Results. Start Scanning: This allows you to upload and scan binary files. Review Scan Results: This allows you to view and export scan results. Open Archived Results: This allows you to view and restore archived scan results. 3.3.2 Settings Settings is for a site administrator. If you are a site administrator, please refer to section 7.0 ADMINISTATION in this guide. 3.3.3 Help Help is where you can read a user guide, send feedbacks regarding Clarity, and check the current version of Clarity. 10 4.0 START SCANNING 11 4.0 START SCANNING 4.1 Upload a File Please click a bar with a clipper icon , then select a file to upload. A folder or multiple files are not allowed to upload. Only single file at a time. You may compress (zip) multiple files into a single file to upload and scan it 4.2 Scan a File Please click “Start Scanning” button to upload a file, and initiate the scan. 12 13 5.0 REVIEW SCAN RESULTS 14 5.0 REVIEW SCAN RESULTS 5.1 Type of Result Pages Clarity has three different views to review scan results : Scan Results, Scan Results Summary View, and Scan Results Detail View. Scan Results: This view shows the list of all scanned binaries, including the ones that are currently being scanned, with a brief summary. Scan Results Summary View: This view shows summary information for a specific scanned binary that you selected from “Scan Results” view. Scan Results Detail View: This view shows detailed information of a specific scanned binary file that you selected from “Scan Results Summary View”. 5.2 Scan Results This page shows a list of all binary files. If a binary file is currently being scanned, it will be marked as “Scanning” under Completed column heading. If a binary file’s scanning has been completed, then it will display the completion date/time under Completed column heading. Below image is an example that shows which binary is in the process of scanning, and which binary is completed scanning; Binary_001 file is being scanned, whereas Binary_002, Binary_003, and Binary_004 files have already been scanned. 5.2.1 Description of Columns Archive: This button allows you to archive the result of scanned binary . Once archived, the binary will disappear from the scan results. Please refer to next section 6.0 OPEN ARCHIVED RESULTS for more information. File: Name of the scanned binary Security Issues: Number of vulnerabilities found in the scanned binary. Licenses Identified: Number of licenses found in the scanned binary. Litigator Code: Number of identified Open Source Components that contain codes whose licensor is known to strictly enforce compliance of license conditions. 15 Uploaded: Date and Time that binary scan started. Completed: Date and time that binary scan completed. Export: This button allows you to export the scanned result as Excel(XLS), CVS, and Json file. o Overview: exports general information of all files in the binary. o Identifiers: exports extracted and matched identifiers of all files in the binary. o All Data: exports both “Overview” and “Identifiers” o Bird View: allows you to customize the report per customers’ requests. Delete: This button allows you to delete the scanned result. If scanning is not completed, all buttons are disabled except for the one to cancel scanning You can generate reports on scanned binary by using the “Export” button from Scan Results page. You can generate reports on a selected file from a scanned binary by using the “Export” button from Scan Results Detail View page. 16 5.3 Scan Results Summary View Please click on the name of a binary from Scan Results page to see a summary of a specific scanned binary. Scan Results Summary View shows the list of files found in the selected binary. 5.3.1 Layout of Scan Results Summary View Selected binary name is displayed at the top of the page. “Back to Results” button is displayed at the bottom of the page. This button will take you back to Scan Results page. 17 5.3.2 Description of Columns File Name: Name of the file that is included in the scanned binary. Component: Name of the Open Source Software(OSS) that Clarity identified as the source for the target file. Security Risks: List of vulnerabilities found in the file. Licenses: List of licenses found in the file. Litigator Code: List of Litigators found in the file. Litigator is a licensor who is known to strictly enforce compliance of license conditions. Patrick McHardy is a well-known example of a litigator. 5.3.3 Security Risks Information Common Vulnerabilities and Exposures (CVE) number will be displayed under “Security Risks” column if security risks are found for the file If multiple security risks are found for a file, an ellipsis (…) is displayed. You can click CVE number from this page, and a pop-up will display all CVEs along with hyperlinks to the National Vulnerability Database website for more information. 18 5.3.4 Litigator Code Information If a litigator code is found for a file, a name of litigator or organization will be displayed under “LITIGATOR CODE” column. You can click the name of litigator from this page, and a pop-up will display detailed information about the litigator along with a hyperlink to the litigator’s website if applicable. 19 5.4 Scan Results Detail View Please click a specific file name from “Scan Results Summary View” page to view detailed information. This will lead you to “Scan Results Detail View” page 5.4.1 Layout of Scan Results Detail View Selected binary name is displayed at the top of the page. This page consists of two panes; Navigation (Left Pane) and Tabs (Right Pane). 20 There are two buttons under overview tabs (right pane): “Back to Summary” and “Export” “Back to Summary” button is displayed at the bottom of the right pane. This button allows you to go back to Scan Results Summary View. 21 “EXPORT” button is displayed at the bottom of the right pane. This button enables you to export what is displayed within this page into a file. o Overview: exports general information of all files in the binary. o Identifiers: exports extracted and matched identifiers of all files in the binary. o All Data: exports both “Overview” and “Identifiers” 22 5.4.2 Navigation (Left Pane) Navigation Pane displays all files that are extracted from binary. File name will be highlighted in red if that file has either a security issue, a compliance issue, or a litigator code. 23 A button to display only red file is available at the top of the left pane. 5.4.3 Tabs (Right Pane) Right Pane has up to 7 tabs displayed at the top: Overview, Unique Strings, Assigned Strings, Unmatched Strings, Variable Names, Function Names, and ELF Analysis 24 5.4.4 Overview Tab The overview tab has 4 parts: General, String Match Statistics, Matched Components, and Matched Components Detail. General o Name: Selected file name. o Path: File path from root directory. None if it is in root. o Size: File size in byte. o File type: Type of file. o SHA 256: Checksum of the file. o Declared Shared Libraries: Library shared with the file. o Tags: Related label that represents the file. Identifiers Match Statistics o Extracted Identifiers: Number of identifiers extracted from the file. o Unmatched Identifiers: Number of identifiers that did not have any match against Clarity’s database. o Ignored Identifiers: Number of identifiers that are too general to count such as string literals “help” and “out of memory” that are included in many open source packages. o Total Matched Identifiers: Number of identifiers that have match against Clarity’s database. o Assigned and Unique Identifiers Unique Identifiers: Number of identifiers whose match was found in a single Open Source component. Assigned Identifiers: Number of identifiers whose match was found in more than one Open Source components. o Unassigned Identifiers: Number of identifiers whose match was found in too many Open Source components. Hence, Clarity finds them not very useful for determining the origin of the binary. o Non-Cloned Identifiers: Number of identifiers whose match was found in more than one Open Source components that are not clones of another Open Source package. o Matched Percentage: Percentage calculated by total matched identifiers divided by total extracted identifiers. 25 Matched Component Detail o Rank: Determined by scores that are calculated by Clarity’s algorithm. o Name: Name of Open Source Component that Clarity identified as the source for the target file. o Scores: Calculated by Clarity’s algorithm. Higher score means higher chance that this component is included in the file. o Unique Matches: Number of identifiers that matched a unique component. o Non-Unique Matches Assigned: Number of Identifiers that matched more than few components only. o Security Issues: Associated CVE number for this component. o Licenses: Associated License information for this component. 5.4.5 Unique Strings Tab Unique String tab displays detailed information of unique matched identifiers. [screenshot with string matched lines on unique strings tab] Filename: name of source code. Version(s): version of source code. Line Number: line number that a specific identifier is located within the Open Source Project. SHA256: a checksum of the file. 26 5.4.6 Assigned Strings Tab Assigned String tab displays detailed information of assigned identifiers. 5.4.7 Unmatched Strings Tab Unmatched String tab displays total number of unmatched identifiers. 5.4.8 Variable Names Tab Variable Names tab displays detailed information of variable names. 5.4.9 Function Names Tab Function Names tab displays detailed information of function names. 5.4.10 ELF Analysis Tab ELF Analysis tab displays detailed information of an Extensible Linking Format (ELF). Tabs will be displayed only if the file has related information. Overview tab will be displayed for any file. 27 6.0 OPEN ARCHIVED RESULTS 28 6.0 OPEN ARCHIVED RESULTS Once you archive a scan result, the result will be displayed on archive list. From this page, you can either unarchive(restore) the result or delete the result from the list. 6.1 Unarchive a Result To unarchive the file, please click “UNARCHIVE” button heading. under “Archive” column Once you click the button, a confirmation window will pop up. 29 6.2 Delete a Result To delete the archived file, please click “DELETE” button heading. under “Delete” column Once you click the button, a confirmation window will pop up. 30 31 7.0 ADMINISTRATION 32 7.0 ADMINISTRATION A site administrator can manage users, update database, and renew the license via “Setting” menu. 7.1 Managing Users Please click “Setting” menu from top right corner to go to administration page. 7.1.1 Add a User Please enter user name and email address, then click “Create User” button to send an invitation email to the user. When you click this button, a confirmation window will pop up. 7.1.2 Reset a Password Please click button to send a ‘reset password’ email to the user. This email will have a link to rest the password. When you click this button, a confirmation window will pop up. 7.1.3 Delete a User Please click button to delete a user. When you click this button, a confirmation window will pop up. 33
© Copyright 2026 Paperzz