The dashboard's landing page displays a list of the applications whose code you have submitted to ShiftLeft for analysis (ShiftLeft automatically adds and tracks your applications upon submission), as well as aggregate vulnerability information for your organization:
For each application that you've submitted to ShiftLeft for analysis, you'll see:
- The number of vulnerabilities identified, including the severity levels
- The number of open-source vulnerabilities identified and whether they're reachable/unreachable (if applicable)
- The number of secrets and insights identified as being present in your code
- Scan details, including when it was run and any optional parameters that were provided when starting the scan
Clicking on an individual application will bring you to the applications overview for that application.
The severity levels with which the findings are tagged are based on the CVSS 3.1 score associated with the finding:
|CVSS Score||Severity level|
|CVSS score between 0.1 and 4||Low|
|CVSS score between 4.0 and 7||Medium|
|CVSS score between 7.0 and 9||High|
|CVSS score above 9.0||Critical|
Creating app groups
If you have multiple applications related to one another, you can create an app group. Each application is still analyzed individually, and ShiftLeft annotates any identified vulnerabilities with the application's name in which they can be found. On the App Groups section of the dashboard, all grouped applications will display under a single hide/show toggle on the dashboard.
You can create app groups via the dashboard or the CLI when submitting an app for analysis.
You can create app groups via the Dashboard:
- Near the top of the dashboard overview, find the groups box and click + Add.
- Provide a Group Name.
- Select the Applications you would like to be included with the group.
- Click Save.
You can create an app group via the CLI when you're submitting an app for analysis:
Repeat the use of this tag for all applications that you want to be included in the app group when submitting it to ShiftLeft for analysis.
You can add a single application to multiple groups by adding additional flags to the
--tag app.group=<name1> --tag app.group=<name2>.
Managing app groups
To manage your app group, click the ellipsis to the right and select Manage App Group. In the window that opens, you can:
- Update the Group Name;
- Select/unselect applications to change those that are included in the group.
To delete an app group, the ellipsis to the right of the group and click Delete App Group. Click Delete App Group in the pop-up window to confirm this action.
Deleting an application
If you want to delete an application from your ShiftLeft account, you can do so by clicking the ellipses to the right of the application and selecting Delete App.
You'll be prompted to enter the name of your application before you can proceed by clicking Delete App.
The Teams tab of the dashboard lists the teams that are associated with your organization. Each team consists of one or more applications that the users of that team can access.
To manage your team, click the ellipsis to the right and select Manage Team. In the window that opens, you can select/unselect applications to choose the ones that will be a part of the team.