Organization Security Posture

After you log in to the SSD application, the Home page appears. It displays the organization level security status based on the applications’ risk status. The status is displayed in form of summary panels.

The Application Compliance summary panel displays the total number of applications that are available and the risk level count of the total applications.

The Supply Chain Security Alerts panel displays the total number of alerts notified in the available applications.

The SSD application dashboard appears as shown below:

Summary Panel

In the above dashboard, you can see the high level overview of your applications and the overall summary of the risks and alerts.

The Application Compliance panel displays the security status of all the applications based on the validations that happen at each stage of the software supply chain. The status is determined based on several rule validations that happen at each stage of the software supply chain for an application. Each rule is assigned a score, and this scoring, collected at the service level and application level, determines whether the application is at Apocalypse Risk, High Risk, Low Risk or Medium Risk.

You can sort the details based on the risk level by clicking on the relevant risks and the applications having the selected risks are displayed below.

The Supply Chain Security Alerts panel displays the summary of security alerts at each stage of a supply chain. On clicking anywhere in this panel, it takes you to the supply chain security alerts details page. The panel displays the alerts notified at each stage of the software supply chain namely Source, Build, Artifact and Deploy.

Application Summary

The list of all the applications is displayed at the bottom with more details of it. The various details of the applications that are listed are:

  • Application Name: Displays the unique name given for the application. On clicking the application name, the application status page is displayed.

  • Risk Status: Displays the risk status of the application namely; apocalypse, low, high, medium.

  • Tools: Displays the list of all the tools (icons) connected to ISD.

  • Deployed At: Displays the date and time of the deployment.

  • Open Security Issue: Displays the total number of open security issues for the given application.

  • Namespace: Displays the namespace of the given application.

  • DBOM: Displays the DBOM of the application, on clicking the View button.

  • Cluster: Displays the cluster name of the given application.

  • Owner: The name of the person who created the application.

You can choose the group or team for which you want the applications to be listed by clicking the Teams button. On clicking Teams, a popup appears as shown below:

Select the team name and click Apply. The applications related to that team or group are only displayed in the application summary panel. To know more on teams, refer Viewing Access Management.

The smart search option enables searching for applications based on Images, Application Name, Artifact, Risk Status, Cluster, Components or Vulnerabilities. You can enter the name and search for the specific application.

The following example shows searching for the applications based on the Vulnerability.

  • Select Vulnerability from the search dropdown. Now enter the vulnerability name as shown below and press Enter. The applications with the given vulnerability are displayed.

  • Select a application and click it. The environment in which the vulnerability is found is highlighted and the current deployments with the selected vulnerability are displayed as shown below.

  • Click on any Vulnerability count for the displayed current deployments.

  • The vulnerabilities details page is displayed. Click search and select Vulnerability from the search options.

  • Now select the same vulnerability name from the displayed list. All the components related to the selected current deployment are displayed.

Show/Hide Columns

You can prefer to show or hide the columns in the applications list. To do so, click the Show / Hide Columns icon. The list of available columns will appear. You can select/deselect a particular column from the drop-down to add/remove it from the applications table as shown below:

Staging / Production / Dev Environment

The applications that are displayed can be viewed based on the environment also. The Environment panel is provided next to the application summary panel. You can choose the environment staging or production or dev for which the applications needs to be displayed by selecting the environment dropdown.

Last updated