Lineaje Learning Center
  • About Lineaje
  • Lineaje Product Offering
  • Getting started
    • Create an account
      • Configure Azure AD for sso
      • Configure Okta for sso
    • Onboarding workflow
  • SBOM360, OSM
    • Generate an SBOM
      • Source Code Management (SCM) As Source
        • Public Code Repositories
        • Private Code Repositories
          • Configure GitHub credentials
          • Configure Bitbucket credentials
          • Configure Gitlab credentials
          • Configure Git credentials
          • Configure Azure Repo
        • Frequently Asked Questions
      • Container Image As Source
        • Public Container Image
        • Private Container Image
          • Configure AWS Elastic Container Registry
          • Configure Google Container Registry
          • Configure Docker Hub
          • Configure Generic OCI Registry
          • Configure Azure Container Registry
        • Frequently Asked Questions
      • Existing SBOM As Source
        • EO 14028 checks
      • Manifest file As Source
      • Android Package Kit (APK)
      • Using Lineaje CLI
    • Explore Your SBOM
      • Info
      • Attestation
      • IRL
      • Dependencies
      • Provenance
      • Vulnerabilities
      • Mitigations
      • Security Posture
      • Code Quality
      • Suppliers & Licenses
      • Findings
    • Manage Your SBOM
    • Dashboard
    • Search
    • Policies and Gates
    • Organization and User Management
      • Organization example
    • Lineaje AI
    • AI Plan and AI Remediate
      • JIRA Integration
  • SBOM360 Hub
    • My Products
    • My SBOMS
    • Find & Review SBOMs
    • Manage Your Repository
    • Request and Share SBOMS
    • Settings
    • User Roles
  • Lineaje CLI
    • System Configuration
    • Toolset Configuration
    • CLI Installation
    • CLI Usage
    • Troubleshooting CLI issues
    • Support matrix
  • Integration with CICD pipeline
    • Pre-Requisites
    • Generate Project from source code
      • Project creation using Lineaje cloud
  • Abbreviations and Descriptions
  • Release Notes
    • Unified Scanner for AWS
Powered by GitBook
On this page
  • What are Findings?
  • Understanding Findings
  1. SBOM360, OSM
  2. Explore Your SBOM

Findings

PreviousSuppliers & LicensesNextManage Your SBOM

Last updated 1 year ago

What are Findings?

Findings of an project are the results of policy evaluation.

There could be multiple policies attached to an project and there would as many findings associated.

Policies get associated with a project via . A gate can be defined at an organization level. All policies associated with the gate will be run against the projects in that organization.

Understanding Findings

  • All components that are flagged by the policy evaluation are displayed towards left, along with the category of the components (open-source, private, third-party, unknown).

  • The findings are displayed towards the right, categorized as critical, high, medium, low.

  • The severity associated with a policy decides the severity of the finding. A policy marked as critical, when check fails, will generate a critical severity finding.

  • Each tile is clickable which will list down the components applicable to that filter in a table view. The details will list the policy name that triggered this finding, the gate associated with the finding, severity of the finding.

Gates