Application overview
The homepage of the Qwiet Dashboard is the Applications view. This page provides an overview of all the applications submitted by your organization for analysis by preZero.
Summary information
At the top of the page, you'll see summary information for your orgs' applications, including:
- The number of applications your organization has submitted;
- The total number of findings (including AI-identified ones) for all of your organization's applications;
- The number of application groups (which you can manually create to group similar applications) you have;
- The number of teams you've created for your organization.
Applications submitted
Below the summary information is a full list of the applications that your org has submitted. Clicking on the application itself will take you to its detailed information page.
The list of applications is displayed chronologically, with the most recently scanned application at the top. You can, however, change it to sort by:
- App name
- The number of vulnerabilities of a given severity (e.g.,
critical
ormedium
) - The number of reachable/unreachable vulnerabilities
- The number of container-related vulnerabilities of a given severity (e.g.,
critical
orhigh
) - The number of secrets
Furthermore, you can choose to sort in ascending or descending order.
Filtering
To find a specific application in the complete list, you can filter for it using the search bar (the filter accepts application, group, team, and repository names). You can also filter your applications based on their language type or Git branch.
Overview information for specific applications
For each application associated with your org, Qwiet displays graphs of the following:
- The number of vulnerabilities found; each bar represents a different severity (e.g., the first bar of the graph reflects the number of critical vulnerabilities found)
- The number of OSS vulnerabilities found, including the number of reachable vs. unreachable vulnerabilities
- The number of Container vulnerabilities found, as well as the number of reachable vs. unreachable vulnerabilities
- The number of other findings (Secrets, Insights)
Severity levels
The severity levels with which the findings are tagged are based on the CVSS 3.1 score associated with the finding:
CVSS Score | Severity level |
---|---|
CVSS score between 0.1 and 4 | Low |
CVSS score between 4.0 and 7 | Medium |
CVSS score between 7.0 and 9 | High |
CVSS score above 9.0 | Critical |
Deleting an application
If you want to delete an application from your Qwiet account, you can do so by clicking the ellipses to the right of the application and selecting Delete App.
You'll be prompted to enter the name of your application before you can proceed by clicking Delete App.
App Groups
App Groups allow you to group like applications based on the needs of your business. For example, you might choose to create groups for your teams or departments. Groups are also helpful if you submit portions of your apps. For example, if a monorepo requires you to submit the front-end and back-end code individually, you can create a group that includes both apps. This lets you view them together in the Qwiet dashboard.
You can create a new app group via the summary view of the overview page:
- In the box (at the top of the page) that lists the number of app groups your org owns, click + ADD.
- Provide a Group Name.
- Select one or more Applications to include in the group.
- Click Save to proceed.
CLI
You can create an app group via the CLI when you're submitting an app for analysis:
sl analyze --tag app.group=<groupName> # provide the group name desired.
Repeat this tag's use for all applications you want to be included in the app group when submitting it to Qwiet for analysis.
You can add a single application to multiple groups by adding additional flags to the
sl analyze
command:--tag app.group=<name1> --tag app.group=<name2>
.
Teams
Teams allow you to group both users and applications. With the appropriate permissions set, you can limit users to only accessing applications in their team.
You can create a new team via the summary view of the overview page:
- In the box (at the top of the page) that lists the number of teams your org owns, click + ADD.
- Provide a Team Name.
- Select one or more Applications to include in the group.
- Click Save to proceed.
To add users to the team:
- In the top navigation bar, click on Organization.
- Switch to the Manage Teams page.
- Click the team to which you'd like to add members.
- Click Add Team User.
- Select the Users to be added and their Team Role.
- Click Add User to save.
You can repeat the final two steps if you need to add users with different permissions levels.