Info

The Info tab gives a summary of the project.. The data is presented as widget. The widgets are clickable.

Component widget

Component widget gives the metadata associated with the project including

  • Project Name

  • Project Version

  • Project created date

  • Project created method (scm/image/spdx)

  • Depending on the project creation, additional metadata (e.g. source code repo/tag for scm)

  • Project owner - user who created the SBOM

Findings by severity

Findings by severity table summarizes the findings categorized by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Vulnerabilities by severity

Vulnerabilities by severity table summarizes the vulnerabilities by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Unique components by classification

Unique components table shows the unique components by classification (open source, private, third party, unknown). Unique component number lists down unique components only once. For a project, it is possible that one component may appear at multiple places in the dependency tree (including direct and transitive dependencies). This table de-duplicates the occurrence and gives the unique component count. Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Lineaje Risk Graph

Lineaje Risk Graph shows the overall risk of the project. The graph gives the quadrant where the overall risk of the project falls. The Y axis represents the aggregated Attestation level (LCAL) of all components in the project and X axis represents the aggregated Risk Level (IRL) of all components in the project.

Issue Count by Vulnerability

This chart gives the number of vulnerabilities against open source, private, third party, unknown components grouped by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Findings by policy

Findings by policy gives a visualization of the top policies contributing to findings. Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Components by age

Components by age table lists down the number of components that are older than certain age intervals (>36 months, 24-36 months, 18-24 months, 5-18 months). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Code quality by classification

This chart gives the number of code quality issues against open source, private, third party components grouped by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

Security posture by classification

This chart gives the number of security posture issues against open source, private, third party components grouped by severity (critical, high, medium, low). Clicking on the numbers will take you to the search page listing down all components belonging to the respective category.

PreviousExplore Your SBOMNextAttestation

Last updated