Project Overview & Stats
Dive deeper into per-project analytics, including severity breakdowns, states, and historical trends.
While the Project Vulnerability List highlights current open issues, the Project Overview page offers in-depth analytics and historical context. It answers questions like, “Are we reducing critical vulnerabilities over time?” and “Which scanner finds the most issues?”
Breakdown Charts
- Vulnerabilities by Severity
  A bar or donut chart showing the split among Critical, High, Medium, Low issues. Perfect for zeroing in on severity hotspots.
- Vulnerabilities by Analysis Type
  Compares how many issues come from SAST, IAC, or SCA. This can reveal if your code (SAST) or your infrastructure (IAC) demands more attention.
- Vulnerabilities by State
  Shows how many are Open, In Progress, or Resolved. Great for agile workflows to see if issues keep piling up or are actively being addressed.
- Vulnerabilities Over Time
  A timeline chart that records how many vulnerabilities exist at any given time in the project’s history. This helps track improvement trends.
Why These Insights Matter
Severity Analysis
Tells you immediately if your project is dangerously skewed toward high-risk issues.
Scanner Comparison
Identifies if you have a gap in coverage. Maybe IAC is producing more critical findings than you expected.
State Monitoring
Helps in sprints and retrospectives: Are we resolving issues faster than they appear?
Time Series
Offers a clear measure of progress or regression. A downward slope indicates successful remediation.
Practical Use Cases
- Management Reporting: Show weekly or monthly improvements to stakeholders.
- Prioritization: If SAST counts are skyrocketing, your dev team might need more secure coding guidance.
- Team Accountability: Some organizations tie metrics (like “Resolved vs. New Vulnerabilities”) to sprint goals.
Combine this data with your weekly triage approach to confirm that your security posture is actually improving.