Understanding Veracode Analytics Dashboards

Analytics

Publication
Analytics
Edition date
2022-11-29
Last publication
2022-11-29T16:30:31.095082

From Analytics > Veracode Dashboards, visualizations are available to help you understand the security status of your application and how your organization uses the Veracode Platform.

You can see all the Veracode dashboards, however, Veracode only provides data for products that your organization has purchased.

Veracode Dashboards

Policy Compliance Overview

Overview of the policy compliance of your application. You can view your policy compliance over time, the applications that are passing policy, and the teams or business units that have applications passing policy.

Scan Activity

Data on scan activity, including which types of scans occur, who submits scans, and how many applications have been scanned multiple times.

Sandbox Scan Activity

Data on the sandbox utilization. You can view which teams and business units have completed sandbox scans, which provide ability to scan applications and measure the results against the policy rules without affecting the policy compliance of the entire application.

Scan Times

Details on scan completion time. You can view scan times by language or scan type.

Findings Details

Details on the most-prevalent findings in your applications over time. You can view the most-seen Common Weakness Enumeration (CWE) categories, as well as the most-frequent open, closed, and reopened CWEs.

Findings Status and History

Data on your findings to help you view the security state of your application and how effectively your business units and teams resolve findings. You can view the age of open flaws, the severity of your findings, and the time to resolve findings.

Resolution and Mitigation Details

Insights into how your findings are closed or mitigated. You can determine if users are taking mitigation actions to temporarily address findings, or if findings are resolved through scans.

Security Consultation

Data on security consultation utilization and how consultations improve the density of your flaws. Consultation calls answer specific questions you have about your scan results, help you understand the significance of the flaws, and provide guidance on remediation and mitigation. The security consultation dashboard reports on consultations that you scheduled through the Veracode Platform, but not any you scheduled by emailing Veracode Technical Support.

Security Program Overview

Data to help you track and understand how your AppSec program is trending, based on your target goals. This dashboard shows current and historical trends for policy compliance, and assists you in understanding policy compliance behavior.

SCA Findings

Data on your SCA components and vulnerabilities to help you understand the open-source vulnerabilities within your application portfolio. You can also view component usage and license risk information.

Greenlight Usage

Data on Greenlight scan usage by users and by language, as well as findings results.

Sharing Dashboards

You can click the share icon () The share icon in the bottom-right corner of each dashboard to share a link to the dashboard. You have the option to copy the link to your clipboard or to send the link by email, which opens your email client.

Customizing Dashboards

If you want to view data differently than the predefined dashboards, you can modify existing dashboards and visualizations to suit your own needs. You have the ability to customize dashboards and visualizations to view your data in different ways. You can also save and share customized dashboards to your personal space, or with other people on your team.

Dimensions and Measures Data Dictionary

View descriptions for all dimensions and measures to understand the data elements used in Veracode Analytics.