Lineaje Learning Center
  • About Lineaje
  • Lineaje Product Offering
  • Getting started
    • Create an account
      • Configure Azure AD for sso
      • Configure Okta for sso
    • Onboarding workflow
  • SBOM360, OSM
    • Generate an SBOM
      • Source Code Management (SCM) As Source
        • Public Code Repositories
        • Private Code Repositories
          • Configure GitHub credentials
          • Configure Bitbucket credentials
          • Configure Gitlab credentials
          • Configure Git credentials
          • Configure Azure Repo
        • Frequently Asked Questions
      • Container Image As Source
        • Public Container Image
        • Private Container Image
          • Configure AWS Elastic Container Registry
          • Configure Google Container Registry
          • Configure Docker Hub
          • Configure Generic OCI Registry
          • Configure Azure Container Registry
        • Frequently Asked Questions
      • Existing SBOM As Source
        • EO 14028 checks
      • Manifest file As Source
      • Android Package Kit (APK)
      • Using Lineaje CLI
    • Explore Your SBOM
      • Info
      • Attestation
      • IRL
      • Dependencies
      • Provenance
      • Vulnerabilities
      • Mitigations
      • Security Posture
      • Code Quality
      • Suppliers & Licenses
      • Findings
    • Manage Your SBOM
    • Dashboard
    • Search
    • Policies and Gates
    • Organization and User Management
      • Organization example
    • Lineaje AI
    • AI Plan and AI Remediate
      • JIRA Integration
  • SBOM360 Hub
    • My Products
    • My SBOMS
    • Find & Review SBOMs
    • Manage Your Repository
    • Request and Share SBOMS
    • Settings
    • User Roles
  • Lineaje CLI
    • System Configuration
    • Toolset Configuration
    • CLI Installation
    • CLI Usage
    • Troubleshooting CLI issues
    • Support matrix
  • Integration with CICD pipeline
    • Pre-Requisites
    • Generate Project from source code
      • Project creation using Lineaje cloud
  • Abbreviations and Descriptions
  • Release Notes
    • Unified Scanner for AWS
Powered by GitBook
On this page
  • Component widget
  • Findings by severity
  • Vulnerabilities by severity
  • Unique components by classification
  • Lineaje Risk Graph
  • Issue Count by Vulnerability
  • Findings by policy
  • Components by age
  • Code quality by classification
  • Security posture by classification
  1. SBOM360, OSM
  2. Explore Your SBOM

Info

The Info tab gives a summary of the project.. The data is presented as widget. The widgets are clickable.

Component widget

Component widget gives the metadata associated with the project including

  • Project Name

  • Project Version

  • Project created date

  • Project created method (scm/image/spdx)

  • Depending on the project creation, additional metadata (e.g. source code repo/tag for scm)

  • Project owner - user who created the SBOM

Findings by severity

Findings by severity table summarizes the findings categorized by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Vulnerabilities by severity

Vulnerabilities by severity table summarizes the vulnerabilities by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Unique components by classification

Unique components table shows the unique components by classification (open source, private, third party, unknown). Unique component number lists down unique components only once. For a project, it is possible that one component may appear at multiple places in the dependency tree (including direct and transitive dependencies). This table de-duplicates the occurrence and gives the unique component count. Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Lineaje Risk Graph

Lineaje Risk Graph shows the overall risk of the project. The graph gives the quadrant where the overall risk of the project falls. The Y axis represents the aggregated Attestation level (LCAL) of all components in the project and X axis represents the aggregated Risk Level (IRL) of all components in the project.

Issue Count by Vulnerability

This chart gives the number of vulnerabilities against open source, private, third party, unknown components grouped by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Findings by policy

Findings by policy gives a visualization of the top policies contributing to findings. Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Components by age

Components by age table lists down the number of components that are older than certain age intervals (>36 months, 24-36 months, 18-24 months, 5-18 months). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Code quality by classification

This chart gives the number of code quality issues against open source, private, third party components grouped by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Security posture by classification

This chart gives the number of security posture issues against open source, private, third party components grouped by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

PreviousExplore Your SBOMNextAttestation

Last updated 1 year ago