Security insights


Security insights is a dashboard of your security scan results across components and workflows. It shows which workflows and runs actually execute a scanner, how vulnerabilities are found, reopened, and resolved over time, and whether their resolution meets your SLAs, so you can prioritize fixes and improve overall software quality.

The dashboard charts display a range of information on project activity, including:

  • Components, workflows, and successful workflow runs.

  • Vulnerabilities overview, and open and reopened vulnerabilities.

  • Scan types in workflows and vulnerabilities by security scan type.

  • SLA status overview by occurrences, and mean time to resolve (MTTR) for vulnerabilities occurrences.

  • CWE™ Top 25 vulnerabilities.

Select the dashboard time frame to be any of the following:

  • Current week

  • Previous week

  • Two weeks back

  • Current month (default)

  • Previous month

  • Two months back

Filter security insights

If desired, filter security insights by component and time frame. The default dashboard view displays all component activity for the current month.

In the left pane, expand Analytics, select Security insights, and then select FILTER.

Figure 1. Select FILTER to display the filtering options.
  • Select one or more Components from the options.

  • Select a Time frame from the options.

  • Select RESET FILTERS to restore the default options.

  • Close the pane.

Explore components, workflows, and successful workflow runs

Figure 2. Example Components, Workflows, and Successful workflow run charts.
  1. Components: In the example, the donut chart shows 426 components in total: 44 have a workflow file that includes a security scan step and 382 do not.

    • Select the Total components, With Scanners, or Without Scanners links to list all components, components whose workflow files include a security scan step, or components whose workflow files do not, respectively, for the selected time frame. Each list includes:

      • Component name

      • Repository

      • Scanners

  2. Workflows: In the example, the 426 components contain 2648 workflow YAML files across 1707 branches in 414 repositories. Of those 2648 workflow files, 247 contain a security scan step and 2401 do not. Because workflow files on every branch are counted, a branch whose workflow has not yet picked up a scan step that exists on the default branch still counts as a workflow without scanners.

    • Select the Total workflows, With Scanners, or Without Scanners links to list all workflow files, workflow files with a security scan step, or workflow files without one, respectively, for the selected time frame. Each list includes:

      • Workflow

      • Component

      • Branch

      • Workflow runs

      • Scanners

  3. Successful workflow runs: In the example, 10066 successful workflow runs were executed: 1133 included a security scan step and 8933 did not. Only successful runs are counted, so a failed run does not appear here even if it contained a scan step.

    • Select the Total runs, With Scanners, or Without Scanners links to list all successful workflow runs, runs that executed a security scan step, or runs that did not, respectively, for the selected time frame. Each list includes:

      • Run ID

      • Workflow

      • Component

      • Branch

      • Scanner name

      • Scan status

Explore successful workflow runs

Select Total runs to display a list of successful workflow runs, as in the following example:

Figure 3. Example list of Successful workflow runs.

Select charts for Components, Workflows, and Successful workflow runs

Select a segment of the Components, Workflows, or Successful workflow runs donut chart to view the data filtered by scanner type.

Figure 4. Clickable charts for Components, Workflows, and Successful workflow runs.
Figure 5. Example list of Component names filtered by scanner type.

Display date range for Vulnerability overview data

Hover over a bar in the Vulnerabilities overview chart to display the counts for that bar together with the start and end dates of its date range.

Figure 6. Example Vulnerabilities overview chart.

Filter Vulnerabilities by security scan type

Select a bar in the Vulnerabilities by security scan type chart (for example, the Medium bar) to display the list filtered by both scanner type and severity.

Figure 7. Example Vulnerabilities by security scan type chart.
Figure 8. Example list of Vulnerabilities by security scan type.

Explore vulnerabilities overview and open & reopened vulnerabilities

Figure 9. Example Vulnerabilities Overview and Open & reopened vulnerabilities charts.
  1. Vulnerabilities Overview: In the example, of 752 vulnerabilities found, 726 are open, five are reopened, and 21 are resolved. Counts are by unique vulnerability ID, not by occurrence: if a component has three occurrences with the same vulnerability ID, they count as one. (The SLA and MTTR charts, by contrast, count occurrences.)

    • Found: Vulnerabilities newly found in the selected time frame and sub-organization.

    • Reopen: Vulnerabilities found in an earlier time frame, closed since, and found again in the current time frame.

    • Resolved: Vulnerabilities found in a previous or the current time frame that have been resolved and no longer appear in the security scan.

    • Open: Vulnerabilities that are not yet resolved.

  2. Open & reopened vulnerabilities: The graph displays how long vulnerabilities have been open, grouped by severity level.
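The status definitions above can be turned into a small checker you can run against your own scan exports. The following is an added example, not code from the page or from CloudBees: given a constructed scan history, it collapses raw occurrences to one count per (component, vulnerability ID), which is the counting key assumed here, classifies every ID seen in the time frame as open, reopened, or resolved, and checks that the three buckets add up to the found total, as in the 752 = 726 + 5 + 21 example. The sample data, the calendar-month frame, and the "closed in the past" rule (present in an earlier scan, absent from the last scan before the frame) are assumptions.

```python
from dataclasses import dataclass
from datetime import date
import calendar

# Constructed sample scan history, not data from the page. Each scan run lists raw
# occurrences as (component, vulnerability_id, location). The counting key is
# assumed to be (component, vulnerability_id), so repeated IDs within one
# component collapse to a single count, as the Vulnerabilities overview describes.
RAW_SCANS = [
    (date(2024, 4, 20), [("api", "VULN-A", "src/a.py:10"), ("api", "VULN-B", "src/b.py:3")]),
    (date(2024, 4, 28), [("api", "VULN-A", "src/a.py:10")]),  # VULN-B closed before May
    (date(2024, 5, 3), [("api", "VULN-A", "src/a.py:10"), ("api", "VULN-A", "src/c.py:7"),
                        ("api", "VULN-B", "src/b.py:3"), ("web", "VULN-C", "app.js:41"),
                        ("web", "VULN-A", "vendor.js:9")]),
    (date(2024, 5, 10), [("api", "VULN-A", "src/a.py:10"), ("api", "VULN-B", "src/b.py:3"),
                         ("web", "VULN-C", "app.js:41"), ("web", "VULN-D", "app.js:88"),
                         ("web", "VULN-A", "vendor.js:9")]),
    (date(2024, 5, 17), [("api", "VULN-A", "src/a.py:10"), ("api", "VULN-B", "src/b.py:3"),
                         ("web", "VULN-D", "app.js:88"), ("web", "VULN-A", "vendor.js:9")]),
]


@dataclass(frozen=True)
class Scan:
    run_date: date
    keys: frozenset  # unique (component, vulnerability_id) pairs in this run


def dedupe(occurrences):
    """Collapse raw occurrences to unique (component, vulnerability_id) keys."""
    return frozenset((component, vuln_id) for component, vuln_id, _location in occurrences)


def load_scans(raw):
    return sorted((Scan(run_date, dedupe(occ)) for run_date, occ in raw),
                  key=lambda s: s.run_date)


def classify(scans, period_start, period_end):
    """Assign each key seen in the period one of: open, reopened, resolved."""
    before = [s for s in scans if s.run_date < period_start]
    during = [s for s in scans if period_start <= s.run_date <= period_end]
    status = {}
    if during:
        seen_before = set().union(*(s.keys for s in before))
        last_before = before[-1].keys if before else frozenset()
        closed_before = seen_before - last_before   # seen earlier, then gone before the frame
        seen_in_period = set().union(*(s.keys for s in during))
        latest = during[-1].keys                    # most recent scan inside the frame
        for key in seen_in_period:
            if key not in latest:
                status[key] = "resolved"            # no longer appears in the scan
            elif key in closed_before:
                status[key] = "reopened"            # closed in the past, found again
            else:
                status[key] = "open"                # new, or continuously present
    counts = {name: sum(1 for v in status.values() if v == name)
              for name in ("open", "reopened", "resolved")}
    counts["found"] = len(status)
    # The overview total is the sum of the three buckets (752 = 726 + 5 + 21 on the page).
    assert counts["found"] == counts["open"] + counts["reopened"] + counts["resolved"]
    counts["status"] = status
    return counts


def classify_month(raw, year, month):
    """Classify a raw scan history for one calendar month (the dashboard's default frame)."""
    last_day = calendar.monthrange(year, month)[1]
    return classify(load_scans(raw), date(year, month, 1), date(year, month, last_day))


if __name__ == "__main__":
    result = classify_month(RAW_SCANS, 2024, 5)
    for key, state in sorted(result["status"].items()):
        print(f"{key[0]}/{key[1]}: {state}")
    print({k: v for k, v in result.items() if k != "status"})
```

Note that `("api", "VULN-A")` and `("web", "VULN-A")` are counted separately because the key includes the component; if your organization keys purely on vulnerability ID, drop the component from `dedupe` and the rest of the logic is unchanged.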

Explore open and reopened vulnerabilities

Figure 10. Selecting the VERY HIGH bar displays the duration of open vulnerabilities.

The candlestick graph displays open vulnerabilities over time, in weekly buckets. Selecting the VERY HIGH bar displays, in days and hours, how long the vulnerabilities of very high severity have been open.

Explore scan types and security scan type

Figure 11. Example Scan types in workflows and Security scan type charts.
  1. Scan types in workflows: The chart indicates how many workflows and workflow runs use each scanner type. The gray column displays the number of workflows and the blue column displays the number of workflow runs. Scan steps are classified into the following scanner types:

    • SAST

    • Container

    • DAST

    • SCA

  2. Vulnerabilities by security scan type: The number of unique vulnerabilities found per scanner type.

Explore SLA status and MTTR for vulnerabilities

Figure 12. Example SLA status overview by occurrences and MTTR for vulnerabilities occurrences charts.
  1. SLA status overview by occurrences: The chart indicates the number of vulnerability occurrences that are on track, at risk, or breached against the configured SLA. Contact CloudBees Support to modify the SLA settings.

  2. MTTR for vulnerabilities occurrences: The chart displays the mean time to resolve vulnerability occurrences.
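To see what these two charts are computing, the following added example (not code from the page or from CloudBees) evaluates a constructed list of vulnerability occurrences against hypothetical per-severity SLA windows and reports the on track / at risk / breached counts and the mean time to resolve. The page does not state the SLA thresholds (they are set through CloudBees Support), so the `SLA_DAYS` values, the 80% "at risk" rule, the `AS_OF` date, and the sample occurrences are all assumptions.

```python
from dataclasses import dataclass
from datetime import date
from statistics import mean
from typing import Optional

# Hypothetical SLA windows in days per severity. The real thresholds are configured
# by CloudBees Support and are not stated on the page; these values are assumptions.
SLA_DAYS = {"very high": 7, "high": 14, "medium": 30, "low": 90}
AT_RISK_FRACTION = 0.8       # assumed: an open occurrence is "at risk" once 80% of its window has elapsed
AS_OF = date(2024, 5, 31)    # assumed end of the selected time frame


@dataclass(frozen=True)
class Occurrence:
    component: str
    vuln_id: str
    severity: str
    opened: date
    resolved: Optional[date] = None   # None while the occurrence is still open


# Constructed sample occurrences, not data from the page. Unlike the overview chart,
# the SLA and MTTR charts count occurrences, so two occurrences of one ID count twice.
SAMPLE = [
    Occurrence("api", "VULN-A", "very high", date(2024, 5, 20)),                    # 11 days open, window 7
    Occurrence("api", "VULN-B", "high", date(2024, 5, 18)),                         # 13 days open, window 14
    Occurrence("web", "VULN-C", "medium", date(2024, 5, 3), date(2024, 5, 17)),     # resolved in 14 days
    Occurrence("web", "VULN-D", "low", date(2024, 5, 10)),                          # 21 days open, window 90
    Occurrence("web", "VULN-E", "very high", date(2024, 5, 1), date(2024, 5, 12)),  # resolved late, 11 days
    Occurrence("api", "VULN-F", "high", date(2024, 5, 2), date(2024, 5, 6)),        # resolved in 4 days
]


def age_days(occ, as_of):
    """Days from opening to resolution, or to as_of for an occurrence that is still open."""
    end = occ.resolved if occ.resolved is not None else as_of
    return (end - occ.opened).days


def sla_status(occ, as_of):
    limit = SLA_DAYS[occ.severity]
    age = age_days(occ, as_of)
    if age > limit:
        return "breached"      # resolved late, or still open past the window
    if occ.resolved is None and age >= AT_RISK_FRACTION * limit:
        return "at risk"       # still open and close to the deadline
    return "on track"


def sla_overview(occurrences, as_of=AS_OF):
    """Counts behind the SLA status overview by occurrences chart."""
    counts = {"on track": 0, "at risk": 0, "breached": 0}
    for occ in occurrences:
        counts[sla_status(occ, as_of)] += 1
    return counts


def mttr_days(occurrences):
    """Mean time to resolve, in days, over resolved occurrences only; None if none resolved."""
    durations = [(occ.resolved - occ.opened).days for occ in occurrences if occ.resolved is not None]
    return mean(durations) if durations else None


def mttr_by_severity(occurrences):
    """MTTR per severity, omitting severities with no resolved occurrences."""
    result = {}
    for severity in SLA_DAYS:
        value = mttr_days([occ for occ in occurrences if occ.severity == severity])
        if value is not None:
            result[severity] = value
    return result


if __name__ == "__main__":
    print(sla_overview(SAMPLE))
    print(mttr_days(SAMPLE), mttr_by_severity(SAMPLE))
```

Two things worth noticing when reading the real charts: an occurrence that was resolved after its window still counts as breached, so MTTR can look acceptable while the SLA chart does not, and MTTR says nothing about occurrences that are still open, which is why the two charts are shown side by side.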

Explore CWE™ Top 25 vulnerabilities

Figure 13. Example list of affected components for the selected vulnerability ID.

Select the number at the upper right of an entry in the CWE™ Top 25 list to display the components in which that weakness is found:

Figure 14. Example list of the affected components.

Select the arrow on the left of a row to expand the matching details from the code base:

Figure 15. CWE™ Top 25 vulnerabilities.