DigitSec offers a number of helpful data visualizations in different contexts to help communicate important information about workspace findings.
Workspace Dashboard
At the top of each Workspace Dashboard, you can find a Latest Scan donut chart that indicates the number of findings grouped by severity. You can mouse over each segment of the donut chart to see a flyout tooltip that indicates the severity level and the numeric count. The Findings Trend area chart shows trendlines of findings by severity level over the last 20 scans. The right-most data point is the most recent scan. You can mouse over each point to see a flyout showing the counts by severity, with a color legend and the name of the scan.
Scans Index
At a glance, you can now quickly glean a great deal of information about each completed scan for a workspace, and new functionality lets you find particular scans.
Use the filters menu to activate a query tool that lets you search scan history by Scan Title, Scan Initiator, Source, Scan Type, Date Range, Security Gate Status, and assigned Tags.
Below the Scan Title, which can now be edited to be more descriptive than simply the date, users can see from left-to-right:
- Scan Source - What method initiated this scan? The blue cloud logo in the example above shows what will appear for a scan initiated from the web interface. Other icons include things like GitHub, Scheduled Scan or Copado. If you are unsure of an icon's meaning, simply mouse over the icon to see a text description.
- Security Gate Status - Was a Security Gate enabled for this scan? If so, the text "GATE" will appear with a Green (PASS) or Red (FAIL) status indicated.
- Active Scan Type - Each component scan will also show up as a pillbox tag indicating that it was part of the scan that was run.
Reports Index
Use the Workspace sub-tab navigation to activate the Reports tab. Each scan has a Report card that shows the title, a pie chart with color legend, and function icons for downloading structured data (down arrow to underbar), printable reports (document with eyeglass), or delete (rubbish bin).
There are four available reports:
- Compliance Report - This is a full report. Users are prompted to select specific (or all) compliance frameworks they wish to view.
- Compliance Summary - This is a summary report. Users are prompted to select specific (or all) compliance frameworks they wish to view.
- Lite Report - This option is similar to the detailed report, but it is designed to generate a smaller file with simpler formatting. This can be useful for sharing the report on a file server or via email.
- Detailed Report - This option is well-formatted and extensive. For Scans that have a large number of issues, the complete data in a well-formatted presentation can yield quite large files that may require special effort to exchange via email or have printed.
Each printable report (except the Lite Report) also contains useful visualizations.
- DigitSec Scan Shield - An explanatory infographic detailing the different scans that DigitSec performs.
- Vulnerability Types - A donut chart with color legend indicating the number of findings grouped by rule. You can mouse over chart segments for a flyout.
- Vulnerability Security Overview - A donut chart with color legend similar to the one found on the Latest Scan pane of the Workspace Dashboard.
- Vulnerability Compliance Overview - A donut chart with color legend indicating the number of findings grouped by compliance framework and associated control.
Scan Statistics
On the Scans Index of the Workspace Dashboard, each scan record has an ellipsis menu at the end of the row. Select Scan Statistics to find the following interactive visualizations.
- Trending Scans - The total vulnerability count for each of the last 20 scans.
- Vulnerability Types - The count of vulnerabilities grouped by finding type. Mouse over a specific segment to see the finding type and number.
- Vulnerability Severity Overview - A donut chart with color legend similar to the one found on the Latest Scan pane of the Workspace Dashboard.
Scan Statistics also include the following data points under the Org & Scan Stats header.
- Status
- Scan Type(s)
- Scan Source
- Initiated By
- Scan Start
- Scan Finish
- Scan Duration
- Org Size
- Track Findings per Org Setting
View Logs
For Admin level users, on the Scan Report Index of the Workspace dashboard, each scan record has an ellipsis menu at the end of the row. Select View logs to see the log activity data for a particular scan.
The default display shows a Log Severity Level icon, the Date and Time of the event, an Event Summary, and a Detailed Trace Message. Users can view the complete life cycle of a particular scan.
Admin Users can also access Logging via the Main Navigation by clicking on Set-up --> Logging. They'll be able to use the filter menu to look for particular activity using different parameters like Start Date, End Date, Action Originator, Summary Message or Event Severity.
Here is a list of valid severity levels:
- Info - Represented by a green document icon with a checkmark
- Low - Represented by a blue open book icon
- Medium - Represented by a purple pyramid with an exclamation mark
- High - Represented by a gold circle with an exclamation mark
- Critical - Represented by a red circle with an X mark