From Analytics > Veracode Dashboards, visualizations are available to help you understand the security status of your application and how your organization uses the Veracode Platform.
You can see all the Veracode dashboards, however, Veracode only provides data for products that your organization has purchased.
Policy Compliance Overview
Overview of the policy compliance of your application. You can view your policy compliance over time, the applications that are passing policy, and the teams or business units that have applications passing policy.
Data on scan activity, including which types of scans occur, who submits scans, and how many applications have been scanned multiple times.
Sandbox Scan Activity
Data on the sandbox utilization. You can view which teams and business units have completed sandbox scans, which provide ability to scan applications and measure the results against the policy rules without affecting the policy compliance of the entire application.
Details on scan completion time. You can view scan times by language or scan type.
Details on the most-prevalent findings in your applications over time. You can view the most-seen Common Weakness Enumeration (CWE) categories, as well as the most-frequent open, closed, and reopened CWEs.
Findings Status and History
Data on your findings to help you view the security state of your application and how effectively your business units and teams resolve findings. You can view the age of open flaws, the severity of your findings, and the time to resolve findings.
Resolution and Mitigation Details
Insights into how your findings are closed or mitigated. You can determine if users are taking mitigation actions to temporarily address findings, or if findings are resolved through scans.
Data on security consultation utilization and how consultations improve the density of your flaws. Consultation calls answer specific questions you have about your scan results, help you understand the significance of the flaws, and provide guidance on remediation and mitigation. The security consultation dashboard reports on consultations that you scheduled through the Veracode Platform, but not any you scheduled by emailing Veracode Technical Support.
Veracode Fix-able Findings
Veracode Static Analysis does not differentiate between .NET languages in the Latest Language Scanned field. Veracode determines that a finding is written in C# by viewing the filename extension and aggregating it with information returned by the scanner.
Security Program Overview
Data to help you track and understand how your AppSec program is trending, based on your target goals. This dashboard shows current and historical trends for policy compliance, and assists you in understanding policy compliance behavior.
Data on your SCA components and vulnerabilities to help you understand the open-source vulnerabilities within your application portfolio. You can also view component usage and license risk information.
Data on Greenlight scan usage by users and by language, as well as findings results.
You can select the share icon () The share icon in the bottom-right corner of each dashboard to share a link to the dashboard. You have the option to copy the link to your clipboard or to send the link by email, which opens your email client.
If you want to view data differently than the predefined dashboards, you can modify existing dashboards and visualizations to suit your own needs. You have the ability to customize dashboards and visualizations to view your data in different ways. You can also save and share customized dashboards to your personal space, or with other people on your team.
Dimensions and measures data dictionary
View descriptions for all dimensions and measures to understand the data elements used in Veracode Analytics.