Skip to content

Project Insights

The Project Insights page provides a deep dive into the security and policy health of a specific project. Once a project is selected from the Projects Page, this view displays metrics, violation breakdowns, scan logs, and more, helping you track issues and developer response over time.

This section empowers teams to monitor risks, track resolution activity, and prioritize security efforts effectively at the individual project level.

Project Metrics Overview

Retrieve project metrics

At the top of the Project Insights page, you'll find a metrics dashboard offering a summary of key statistics over a selectable time range. This snapshot includes:

  • Security Findings: The number of security-relevant issues discovered in the selected timeframe.
  • Policy Violations: Total violations against defined security policies.
  • Developer Fixes: Count of violations that have been resolved by developers.
  • Violations Merged: Number of violations merged into the project’s mainline branch.
  • Total Scans: The total number of security scans run on the project.
  • Scans Failed: The number of scans that did not complete successfully.

Below the stats are two charts:

  • Violations and Findings Chart: Tracks the volume of new findings and violations over time.
  • Daily Developer Activity: Shows trends in fixes and merges, indicating responsiveness and remediation cadence.

Findings and Violations

Project Findings and Violations

This section lists individual policy violations and security findings. Each entry includes details such as:

  • Date and Time of detection.
  • Rule Name and Severity (e.g., exposed secret, XSS, dependency risk)
  • Source
  • Repository and Branch
  • Scanner used

You'll also see deduplication counts and scanner-specific icons, helping you identify repeat violations or categorize findings by origin.

Scan History

Project Scans

This section displays the history of automated scans run against the selected project. Each scan record includes:

  • Repository and Branch scanned
  • Commit Reference and Scan Logs
  • Result Summary: Total violations and findings
  • Scanner Used (e.g., GitLeak, BoostSecurity)
  • Scan Duration and Timestamp
  • Scan Status (e.g., Success or Failed)

These insights help teams:

  • Understand when scans occurred and how long they took
  • Track regressions or improvements over time
  • Trace findings back to specific commits