
Application

This template allows you to analyze the findings, the density and the trends of specific projects belonging to an application within a configurable timeframe.

Permissions

To be able to generate the Application report, the user must have access to the projects that compose the application and be associated with an Access Control role that has the generate-application-report permission. Since this permission is not included in any of the default Access Control roles, you must create a new role or edit an existing role to include the new permission.

KPIs

Application Data

The Application Data card shows details related to the application and its projects, such as the total number of projects, total number of files scanned and total number of scans.

ApplicationData.png

Filtered by

In the Filtered by card you can see which filters were applied for generating the report:

FilteredBy.png

Included: Data included in the report. All data available in the report is filtered according to the specified included filters.

Excluded: Data filtered out from the report.

Specific filters can be applied when generating the application report to restrict and refine the data and the results to analyze.

The following filters can be defined when generating the report:

  • Severity: By default, Low and Information results are excluded.

    • Allowed values to be excluded from the report are High, Medium, Low, and Information.

  • Result State: By default, all Result States are included.

    • Allowed values to be excluded are: To Verify, Confirmed, Urgent, Proposed Not Exploitable, Not Exploitable.

  • Status: By default, only New and Recurrent are included.

    • Allowed values to be excluded are: New, Recurrent, and Resolved.

    • What happens when Resolved Results are included?

      • The Resolved Results section is displayed in the report.

      • All other KPI calculations (outside of Resolved Results section) are not affected by the Resolved Results.

    • What happens when Resolved Results are excluded?

      • The Resolved Results section is not displayed in the report.

  • Timeframe: Defines the date range in the analysis and it is composed of a starting date and an ending date. The maximum allowed period to be defined is 1 year. In case the timeframe is not defined:

    • The timeframe used is the lifetime of the application's projects.

    • If the lifetime of the application's projects extends beyond 1 year, the timeframe starts one year prior to the last scan date.

  • Data Points: Allowed values are last or first. The default value is last.

    • last: means the last scan is considered.

    • first: means the first scan is considered.

    • Example: 1 week is specified for the Timeframe and first is specified for the Data Points.

      • Each day of the week is considered as a data point.

      • In case there are several full scans on the same day, the results for that day will be represented according to the first scan of the day.

  • Project Custom Fields: By default, all projects are included in the report.

    • The allowed values to be included are based on a key-value pair, where the key is the custom field name and the value is its correspondent value in the project definition.

Total Results Overview

The Total Results Overview provides trend analysis over time, based on the aggregated results for all the application’s projects included in the report.

TotalResultsOverview3TTotalDensities.png

The values displayed in the Density cards are calculated based on the last or first (depending on the selected data point) full scan executed for each project within the timeframe under analysis.

The Preset Change indicators mark the dates when changes to the preset occurred, to help you understand how they affect the total results and possible variations in the findings over time. The indicators are displayed only when all the projects share the same preset; otherwise, they are not displayed in the chart.

In the Total Results Overview chart, the dates on the timeline (x-axis) are based on the length of the timeframe and the report format (as described in Report Formats below). Each date value on the timeline indicates the end date of each data period.

Report Formats:

  • In PDF format, if the timeframe period is:

    • more than 180 days, the data points are every 2 weeks.

    • equal to or more than 30 days and less or equal to 180 days, the data points are per week.

    • less than 30 days, the data points are per day.

  • In JSON format, the full scope of data is presented.

Example: Monthly Timeframe

  1. Timeframe: From 1st of January to 30th of January.

  2. Data point: last scan.

  3. Data points are displayed per week, where the first data point identified is the 7th of January and shows the results for the last scan executed between the 1st and the 7th.

  4. The second data point is identified by the 14th of January, the third by the 21st of January, the fourth by the 28th of January, and the last would be identified by the 5th of February (even though it extends past the timeframe filter).

Example: One-Year Timeframe

  1. Timeframe: From 1st of January to 31st of December.

  2. Data point: first scan.

  3. Data points are displayed every 2 weeks, where the first data point identified is the 14th of January and shows the results for the first scan executed between the 1st and the 14th of January.
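The data-point rules above (period length chosen from the timeframe, first or last full scan per period, final period allowed to run past the end date) can be exercised with the following added example. It is not Checkmarx code; the scan dates and result counts are constructed, and the rule that periods are counted from the timeframe's start date is an assumption consistent with the two examples.

```python
from datetime import date, timedelta

# Added example (not Checkmarx code): data-point periods for the PDF report
# following the Report Formats rules. Periods are counted from the start date
# of the timeframe, and the final period may extend past the end date.

def period_length_days(start: date, end: date) -> int:
    """Bucket size for the PDF format, using an inclusive day count."""
    days = (end - start).days + 1
    if days > 180:
        return 14          # more than 180 days: every 2 weeks
    if days >= 30:
        return 7           # 30 to 180 days: per week
    return 1               # less than 30 days: per day

def data_point_periods(start: date, end: date):
    """Return (period_start, period_end) pairs covering the whole timeframe."""
    step = period_length_days(start, end)
    periods = []
    p_start = start
    while p_start <= end:
        p_end = p_start + timedelta(days=step - 1)
        periods.append((p_start, p_end))
        p_start = p_end + timedelta(days=1)
    return periods

def pick_scan(scans, p_start, p_end, data_point="last"):
    """Return the first or last full scan dated inside the period, or None
    when no full scan ran in it. scans: list of (scan_date, result_count)."""
    in_period = sorted(s for s in scans if p_start <= s[0] <= p_end)
    if not in_period:
        return None
    return in_period[-1] if data_point == "last" else in_period[0]

def data_points(scans, start, end, data_point="last"):
    """Pair each period's end date (the x-axis label) with the chosen scan."""
    return [(p_end, pick_scan(scans, p_start, p_end, data_point))
            for p_start, p_end in data_point_periods(start, end)]

# Constructed sample: full scans of one project in January (counts invented)
SAMPLE_SCANS = [(date(2024, 1, 2), 120), (date(2024, 1, 5), 117),
                (date(2024, 1, 12), 110), (date(2024, 1, 26), 98)]

if __name__ == "__main__":
    for p_end, scan in data_points(SAMPLE_SCANS, date(2024, 1, 1), date(2024, 1, 30)):
        print(p_end, scan)
```

A period with no full scan yields None, which is the case the chart has to handle when a project was not scanned that week.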

Latest Results Overview

The KPIs displayed in the Latest Results Overview are calculated based on the results of the last or first full scan executed (depending on the selected data point defined as a filter) for each project, on the last date available in the specified timeframe.

By State

AppLatestResultsOverByState.png

The pie chart shows the number of results grouped according to each state. For each state, the total number of results and its percentage are displayed.

The KPIs show the aggregated results of all the projects included in the report.

By Status

AppLatestResultsOverByStatus.png

The pie chart shows the number of results grouped by Status (New vs Recurrent). For each status, the total number of results and its percentage are displayed.

The KPIs show the aggregated results of all the projects included in the report.

By Severity

AppLatestResultsOverBySeverity.png

This pie chart shows the scan results grouped by severity. For each severity, the total number of results, its percentage, and the trend are displayed. The trend is calculated between the current timeframe and the previous one, meaning that if you are analyzing the last 3 months, the trend is the difference between the results within the timeframe currently under analysis and the results from 3 months ago. The main goal of the trend calculation is to help you understand if the results are decreasing or increasing with time.

The density and density trends are also available in this card.

The KPIs show the aggregated results of all the projects included in the report.

By Project

AppLatestResultsOverByProject.png

The table shows the total number of results by project and for each, there is a breakdown by severity. The team name is also displayed, so you can understand which team owns each project.

The blue capsule shows how many new vulnerabilities appeared and how many were resolved between the current timeframe and the previous one. The Scan Trend is the difference between the New Vulnerabilities and the Resolved ones (New – Resolved).

Top 5 Risky Projects

AppTop5RiskyProjects.png

From all the projects included in the report, the Top 5 Risky Projects are calculated based on the total number of results that each project has in the last full scan executed within the timeframe in analysis. The project having the highest number of results is considered the most risky one. The team name is also displayed, so you can understand which team owns the project.

Top 5 Most Common Vulnerabilities

AppTop5MostCommonVul.png

Using all the included projects as a reference, this card displays the Top 5 Vulnerabilities having the most results and the projects with those top vulnerabilities. For each project, the team name is also displayed.

Total Executed Scans

Top 5 Scanned Projects

AppTotalExecutedScansTop5ScanProj.png

Using all the included projects as a reference, the pie chart displays the Top 5 Projects having the most full scans executed within the timeframe in analysis. For each project, the total number of scans and the team name are displayed.

State Transition Metrics

AppTotalExecScansStateTransMetrics.png

For each transition detected from the project set, within the timeframe in analysis, you can see how many days the transition takes on average, and how many results have changed.

For example, the High results from To Verify to NE (Not Exploitable):

  • 3 results were changed from To Verify to Not Exploitable.

  • On average the Application takes 24 days to do the transition.

  • The minimum number of days is 20 and the maximum is 29.

Resolved Results Overview

This section only appears if Resolved Results is included in the report (defined in the Filters).

AppResolvedResultsOverview.png

The Resolved Results Overview chart provides trend analysis over time, based on the aggregated resolved results for all the projects included in the report.

The Total Results line shows the number of results currently present in the projects, so you can compare the ratio between resolved and open results.

The Preset Change indicators mark the dates when changes to the preset occurred, to help you understand how they affect the total results and possible variations in the results over time. The indicators are displayed only when all the projects share the same preset; otherwise, they are not displayed in the chart.

Top 5 Projects with Resolved Vulnerabilities

AppTop5ProjectsResolvedVul.png

The Top 5 Projects with Resolved Vulnerabilities card shows the projects which had the most results resolved within the timeframe under analysis. For each project, the total number of resolved results is also shown, broken down by severity.

Projects

This section displays specific information for each project that is included in the generated application report.

Data Information

AppProjectsDataInfo.png

The Data Information card shows details related to the scanned project, such as the total number of scans executed, the total number of lines of code scanned, scan time average, last scan date, and last data retention execution date.

Latest Results Overview

The KPIs displayed in the Latest Results Overview are calculated based on the results of the last or first full scan executed (depending on the selected data point defined as a filter), on the last date available in the specified timeframe. The last scan details for Scan Id and Scan Date are displayed.

For further details about the By Status and By State KPIs, please see Scan Template.

By Language

AppProjectsLatestResultsOverByLang.png

The stacked chart shows the number of results detected for each scanned language and severity. Trends are also available to help you understand if the results are decreasing or increasing with time. The trend is calculated between the current timeframe and the previous one, meaning that if you are analyzing the last 3 months, the trend is the difference between the last full scan results within the timeframe in analysis and the results from 3 months ago.

Density and density trends are also displayed.

By Severity and Result State

AppProjectsLatestResultsOverBySevResState

The table shows the total number of results by result state and for each, there is a breakdown by severity.

The blue capsule shows how many new vulnerabilities appeared and how many were resolved between the previous full scan and the current one. The overall Trend is the difference between the New Vulnerabilities and the Resolved ones (New – Resolved).

By Vulnerability

AppProjectsLatestResultsOverByVul.png

The table shows the total number of results by vulnerability type and for each, there is a breakdown by result state.

The second column refers to the vulnerability type severity. In case the severity of a result is changed from the default severity to another one, the total results will be displayed under the specific severity column.

The blue capsule shows how many new vulnerabilities appeared and how many were resolved between the previous full scan and the current one. The overall Trend is the difference between the New Vulnerabilities and the Resolved ones (New – Resolved).

All the vulnerability Types displayed in the table are according to the defined filters, meaning that excluded vulnerability types won't be displayed even if they have findings.

Top 5 Vulnerabilities By Severity

This card displays, by each severity, the 5 vulnerabilities having the most results in the last full scan within the timeframe under analysis.

AppProjectsTop5VulBySev.png

For each severity and vulnerability, the total of the results is displayed.

Taking High results as an example, the vulnerability having the most findings is the SQL_Injection with 98 results.

Top 5 Oldest Vulnerabilities by Severity

For further details about this KPI, please see Scan Template.

State Transition Metrics

For further information about the KPI, please see Project Template.

Resolved Results Overview

This section only appears if the Resolved Results are included in the report (defined in the Filters).

Top 5 Resolved Vulnerabilities

For further information about the Top 5 Resolved Vulnerabilities, please see Project Template.

Average (in days) from any transition to Resolved

A vulnerability that disappears between two consecutive scans S1 and S2 of the same project is considered resolved in scan S2.

When a vulnerability does not appear in a new scan, the state transition considers the vulnerability’s most recent state, regardless of the previous states.

For each transition detected in the project, within the timeframe in analysis, you can see how many days the transition takes on average, the maximum of days, the minimum of days, and how many results have changed. All these details are displayed and grouped by severity.

Severity proportions on the graph are calculated based on how many transitions were made on each severity.

This KPI considers full scans only.

6917357732.png

Example:

  • Only results in the To Verify state were resolved, a total of 40 results.

  • 21 High results were resolved.

  • On average, fixing a High vulnerability takes 1 day.

  • The minimum number of days is 0 and the maximum is 14.

How are the transitions identified?

Example:

  • Scan S1 has the vulnerability V1 as a result, having state = Confirmed

  • Scan S1 has the vulnerability V2 as a result, having state = To Verify

  • V2 state is updated from To Verify to Urgent

  • The source code is fixed

  • Scan S2 is executed and V1 and V2 are not flagged anymore → V1 and V2 are Resolved vulnerabilities

  • Two transitions to Resolved are identified:

    • For V1: Confirmed → Resolved

    • For V2: Urgent → Resolved

What is the behavior when a resolved result reappears?

If a result reappears after being resolved, and it is resolved once again, the two transitions will be considered in two different timelines.

Example:

  • Vulnerability V1 is marked as Confirmed in January 2023

  • Vulnerability V1 is Resolved in February 2023

  • Vulnerability V1 reappears in March 2023 in the To Verify state

  • Vulnerability V1 is Resolved in April 2023

  • Timeframe applied to generate the report is between January 1st and the end of February

    • Only the transition Confirmed → Resolved is considered

  • Timeframe applied to generate the report is between March 1st and the end of April

    • Only the transition To Verify → Resolved is considered

  • Timeframe applied to generate the report is between January 1st and May 1st. The following transitions are considered:

    • Confirmed → Resolved

    • To Verify → Resolved
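The two walkthroughs above (transitions identified from consecutive scans using the most recent state, and a resolved result that reappears being treated as separate timelines selected by the timeframe) can be reproduced with the following added example. It is not Checkmarx code; the scan dates and result ids are constructed, and measuring a transition's days from the date the result entered its most recent state to the resolving scan's date is an assumption.

```python
from datetime import date

# Added example (not Checkmarx code): identify transitions to Resolved between
# consecutive full scans, using each result's most recent state, and filter them
# by the report timeframe. Assumption: the "days" of a transition run from the
# date the result entered its most recent state to the resolving scan's date.

def resolved_transitions(scans, state_changes):
    """scans: chronological list of (scan_date, set_of_result_ids).
    state_changes: list of (date, result_id, state) covering both the state a
    result was first detected with and later triage updates.
    Returns a list of (result_id, from_state, resolved_on, days)."""
    transitions = []
    for (_, r1), (d2, r2) in zip(scans, scans[1:]):
        for rid in sorted(r1 - r2):                  # in S1 but gone in S2
            history = [(d, i, s) for i, (d, r, s) in enumerate(state_changes)
                       if r == rid and d <= d2]
            if not history:
                continue
            set_on, _, state = max(history)         # most recent state wins
            transitions.append((rid, state, d2, (d2 - set_on).days))
    return transitions

def in_timeframe(transitions, start, end):
    """Keep transitions whose resolving scan falls inside the timeframe."""
    return [t for t in transitions if start <= t[2] <= end]

def summarize(transitions):
    """Per from_state: number of results and average/min/max days."""
    by_state = {}
    for _, state, _, days in transitions:
        by_state.setdefault(state, []).append(days)
    return {s: {"count": len(d), "avg": sum(d) / len(d), "min": min(d), "max": max(d)}
            for s, d in by_state.items()}

# Constructed sample combining the two examples above: V2 is triaged to Urgent
# before it disappears; V1 is resolved, reappears as To Verify, and is resolved again.
SCANS = [(date(2023, 1, 10), {"V1", "V2"}), (date(2023, 2, 10), set()),
         (date(2023, 3, 10), {"V1"}), (date(2023, 4, 10), set())]
CHANGES = [(date(2023, 1, 10), "V1", "Confirmed"), (date(2023, 1, 10), "V2", "To Verify"),
           (date(2023, 1, 20), "V2", "Urgent"), (date(2023, 3, 10), "V1", "To Verify")]

if __name__ == "__main__":
    for t in in_timeframe(resolved_transitions(SCANS, CHANGES), date(2023, 1, 1), date(2023, 5, 1)):
        print(t)
```

Running the three timeframes from the reappearance example against this sample yields one, one and two transitions for V1 respectively, with V2's Urgent → Resolved transition appearing only when February is inside the timeframe.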