While the Project Vulnerability List highlights current open issues, the Project Overview page offers in-depth analytics and historical context. It answers questions like, “Are we reducing critical vulnerabilities over time?” and “Which scanner finds the most issues?”

Breakdown Charts

  1. Vulnerabilities by Severity
    A bar or donut chart showing the split among Critical, High, Medium, Low issues. Perfect for zeroing in on severity hotspots.
  2. Vulnerabilities by Analysis Type
    Compares how many issues come from SAST, IAC, or SCA. This can reveal if your code (SAST) or your infrastructure (IAC) demands more attention.
  3. Vulnerabilities by State
    Shows how many are Open, In Progress, or Resolved. Great for agile workflows to see if issues keep piling up or are actively being addressed.
  4. Vulnerabilities Over Time
    A timeline chart that records how many vulnerabilities exist at any given time in the project’s history. This helps track improvement trends.

Practical Use Cases

  • Management Reporting: Show weekly or monthly improvements to stakeholders.
  • Prioritization: If SAST counts are skyrocketing, your dev team might need more secure coding guidance.
  • Team Accountability: Some organizations tie metrics (like “Resolved vs. New Vulnerabilities”) to sprint goals.

Combine this data with your weekly triage approach to confirm that your security posture is actually improving.