From Veracode Platform, visualizations are available to help you understand the security status of your application and how your organization uses the
- Policy Compliance Overview
- Provides an overview on the policy compliance of your application. You can view your policy compliance over time, the applications that are passing policy, and the teams or business units that have applications passing policy.
- Scan Activity
- Provides data on scan activity, including which types of scans occur, who submits scans, and how many applications have been scanned multiple times.
- Sandbox Scan Activity
- Provides data on the utilization of sandboxes. You can view which teams and business units have completed sandbox scans, which provide ability to scan applications and measure the results against the policy rules without affecting the policy compliance of the entire application.
- Scan Times
- Provides details on the time it takes for scans to complete. You can view scan times by language or scan type.
- Findings Details
- Provides details on the most-prevalent findings in your applications over time. You can view the most-common Common Weakness Enumeration (CWE) categories, as well as the most-frequent open, closed, and reopened CWEs.
- Findings Status and History
- Provides data on your findings to help you view the security state of your application and how effectively your business units and teams resolve findings. You can view the age of open flaws, the severity of your findings, and the time to resolve findings.
- Resolution and Mitigation Details
- Provides insights into how your findings are closed or mitigated. You can determine if users are taking mitigation actions to temporarily address findings, or if findings are resolved through scans.
- Security Consultation
- Provides data on security consultation utilization and how consultations improve the density of your flaws. Consultation calls answer specific questions you have about your scan results, help you understand the significance of the flaws, and provide guidance on remediation and mitigation. The security consultation dashboard reports on consultations that were scheduled through the Veracode Platform, not those scheduled by emailing Veracode Technical Support.
If you want to view data differently than the predefined dashboards, you can modify existing dashboards and visualizations to suit your own needs. You have the ability to customize dashboards and visualizations to view your data in different ways. You can also save and share customized dashboards to your personal space, or with other people on your team.
Dimensions and Measures Data Dictionary
View descriptions for all dimensions and measures to understand the data elements used in Veracode Analytics.