Skip to content

Explore the Dashboard

The BoostSecurity dashboard provides a high-level overview of security findings, policy violations, developer activities, and other crucial metrics. This page is designed to give users quick insights into the security posture of their repositories.

Dashbord

Page Filtering

  • Policy Filter: Located at the top-left, allowing users to filter the displayed data by specific policies.

    Policy Filter

  • Time Filter: Located next to the Policy Filter, this allows users to select the time range for the displayed data (e.g., 2 weeks, 1 month, 3 months, or 12 months).

    Dashboard Timespan

Key Metrics

Key Metrics

  • Critical Risk Issues: This displays the number of critical risk issues within the selected time range that can cause serious damage if exposed. These are the greatest risks that needs to be addressed immediately.
  • Security Findings: Displays the total number of security findings detected within the selected time range. It also shows the count for the previous period and the change in findings.
  • Policy Violations: Shows the number of policy violations detected within the selected time range, with comparisons to the previous period.
  • Developer Fixes: Indicates the number of fixes applied by developers within the selected time range, with comparisons to the previous period.
  • Violations Merged: The number of policy violations that have been merged in the selected time range.
  • Total Scans: The total number of scans conducted within the selected time range.
  • Scans Failed: The number of scans that failed within the selected time range.

Visualizations

Dashboard Visualizations

  • Violations and Findings Chart: A bar chart showing the daily count of findings (white bars) and violations (yellow bars) over the selected time range.
  • Daily Developer Activity Chart: A line chart indicating the daily number of fixed violations (green line) and merged violations (purple line) over the selected time range.
  • Top 5 Violations: A list showing the top 5 most common violations, their descriptions, and their occurrence percentages.
  • Funnel Graph: The Funnel Graph is a powerful addition to the BoostSecurity dashboard, designed to help you visualize how Boost effectively reduces noise from your security data. This section provides three distinct funnel graphs, each dedicated to a specific type of data:
    • SCA (Software Composition Analysis)
    • SAST (Static Application Security Testing)
    • Secrets

Each funnel graph simplifies the process of sifting through large volumes of security data, ensuring that your team can respond swiftly and effectively to the most pressing security concerns.

Activity Feed

  • Findings and Violations Tabs: Located on the right side, allowing users to toggle between viewing all items, only findings, or only violations.
  • Activity Entries: Displays recent findings and violations, including:
  • Time: The time when the finding or violation was added.
  • Repository: The repository where the issue was detected.
  • Details: A brief description of the issue, including the type of vulnerability and its severity.

Using the Dashboard

  1. Filtering Data: Use the policy and time filters at the top to customize the data displayed on the dashboard.
  2. Monitoring Key Metrics: Regularly review the key metrics to stay informed about the overall security health and recent trends.
  3. Analyzing Visualizations: Use the charts to understand the distribution of findings and violations over time and identify any spikes or patterns.
  4. Reviewing Activity Feed: Check the activity feed for the latest findings and violations, focusing on high-severity issues for immediate action.

Practical Applications

  • Security Monitoring: Keep track of the number and types of security findings and policy violations to ensure proactive management.
  • Trend Analysis: Analyze the visualizations and key metrics to identify trends and patterns in security issues and developer activities.
  • Actionable Insights: Use the top 5 violations list and activity feed to prioritize remediation efforts and address the most critical vulnerabilities first.

Conclusion

The BoostSecurity dashboard provides a comprehensive overview of your security landscape, enabling you to make informed decisions and take timely actions to enhance the security of your repositories.