search

Organization Security Posture

The Organization Security Posture page is the default landing page upon logging in to Delivery Shield. It provides a consolidated, organization-wide view of application risk status, open security issues, and deployment activity across your software supply chain.

hashtag
Staging / Production / Dev Environment

The dashboard displays application and their data specific to a environment. Select the Environment from the Environment panel adjacent to the Application Summary panel, to filter the view by Dev, Staging, or Production.

hashtag
Summary Panel

The Summary Panel appears at the top of the dashboard and consists of three sub-panels:

Application Risk — Displays the total number of onboarded applications and their distribution across risk levels. Risk levels are determined by rule validations performed at each stage of the software supply chain. Each rule carries a weighted score, and the aggregate score at the service and application level determines the overall risk classification. Possible risk levels are: Critical Risk, High Risk, Medium Risk, Low Risk, and Scanning.

Open Security Issues — Displays the total number of active security alerts across all applications, categorized by supply chain stage: Source, Build, Artifact, Deploy, and Post Deploy. Clicking anywhere on this panel navigates to the Security Alerts details page.

Deployment Status — Displays the total count of allowed and blocked deployments across all the applications. This panel provides a quick view of deployment gate enforcement activity across the organization.

circle-info

  1. The various features available in Delivery Shield are displayed in the left panel.

  2. A toggle button to expand and collapse the feature list is provided at the bottom.

  3. You can logout of the application by clicking the Logout button.

hashtag
Application Summary

The Application Summary table is displayed below the Summary Panel and lists all onboarded applications with their current security details. The table includes the following columns:

  • Application — The unique name of the application. Click the application name to navigate to the Application Security Posture page.

  • Version — The latest tracked version of the application.

  • Stage Scores — The number of artifacts built and deployed for the application.

  • Last Deployed — The date and time of the most recent deployment.

  • Team — The team responsible for the application.

  • Namespace — The Kubernetes namespace associated with the application.

  • DBOM Status — The Deployment Bill of Materials status. Click View to open the full DBOM report for the application.

  • Cluster — The name of the cluster to which the application is deployed.

  • Open Issues — The number of unresolved security issues for the application.

  • Owner — The user who created the application in Delivery Shield.

You can choose the group or team for which you want the applications to be listed by clicking the Teams button. On clicking Teams, the list of available teams appears as shown below:

To view the Application Summary of a specific team's applications, click the Teams button. Select one or more teams from the list that appears, then click Apply. The table then only displays the applications associated with the selected team(s). For information on managing teams and access, refer Viewing Access Managementarrow-up-right.

hashtag
Smart Search

The Smart Search feature enables you to filter and locate applications based on specific attributes. Applications can be searched based on Application Name, Artifact, Cluster, Component, Risk Status, Vulnerability.

To perform a search, click the search bar, select a category from the dropdown, enter the search term, and press Enter. The Application Summary table updates to display matching results.

The following example shows searching for the applications based on the Vulnerability.

  • Select Vulnerability from the search dropdown. Enter the vulnerability name as shown below and press Enter. The applications with the specified vulnerability are displayed.

  • Click the application name and the affected environment is highlighted and the current deployments impacted by the vulnerability are displayed as shown below:

  • Click the Vulnerability count for any deployment. The vulnerabilities details page is displayed. In the search bar, select Vulnerability, and choose the same vulnerability name. All components associated with that deployment and vulnerability are listed.

hashtag
Show/Hide Columns

The column customization option is also available. You can prefer to show or hide the columns in the applications list. To do so, click the (three dots) Show / Hide Columns icon. The list of available columns will appear.

You can select/deselect a particular column from the drop-down to add/remove it from the applications table as shown below:

PreviousView Security PostureNextApplication Security Posture

Last updated