Understanding Veracode Analytics dashboards
From Analytics > Veracode Dashboards, visualizations are available to help you understand the security status of your application and how your organization uses the Veracode Platform.
You can see all the Veracode dashboards, however, Veracode only provides data for products that your organization has purchased.
Veracode dashboards
Policy Compliance Overview
Overview of the policy compliance of your application. You can view your policy compliance over time, the applications that are passing policy, and the teams or business units that have applications passing policy.
Scan Activity
Data on scan activity, including which types of scans occur, who submits scans, and how many applications have been scanned multiple times.
Sandbox Scan Activity
Data on the sandbox utilization. You can view which teams and business units have completed sandbox scans, which provide ability to scan applications and measure the results against the policy rules without affecting the policy compliance of the entire application.
Scan Times
Details on scan completion time. You can view scan times by language or scan type.
Findings Details
Details on the most-prevalent findings in your applications over time. You can view the most-seen Common Weakness Enumeration (CWE) categories, as well as the most-frequent open, closed, and reopened CWEs.
Findings Status and History
Data on your findings to help you view the security state of your application and how effectively your business units and teams resolve findings. You can view the age of open flaws, the severity of your findings, and the time to resolve findings.
Resolution and Mitigation Details
Insights into how your findings are closed or mitigated. You can determine if users are taking mitigation actions to temporarily address findings, or if findings are resolved through scans.
Security Consultation
Data on security consultation utilization and how consultations improve the density of your flaws. Consultation calls answer specific questions you have about your scan results, help you understand the significance of the flaws, and provide guidance on remediation and mitigation. The security consultation dashboard reports on consultations that you scheduled through the Veracode Platform, but not any you scheduled by emailing Veracode Technical Support.
Fix Usage
Data on how your organization has used Veracode Fix. You can view data on users, including the CLI and IDE users, and on which CWEs you have addressed.
Veracode Fix-able Findings
Overview of how Veracode Fix may impact the security posture of your organization, both overall and on a per-language basis. The following languages are currently supported in the Veracode Fix dashboard: C#, Java, and Javascript. This dashboard will be updated as Veracode Fix continues to support additional languages and CWEs.
Veracode Static Analysis does not differentiate between .NET languages in the Latest Language Scanned field. Veracode determines that a finding is written in C# by viewing the filename extension and aggregating it with information returned by the scanner.
Security Program Overview
Data to help you track and understand how your AppSec program is trending, based on your target goals. This dashboard shows current and historical trends for policy compliance, and assists you in understanding policy compliance behavior.
SCA Findings
Data on your SCA components and vulnerabilities to help you understand the open-source vulnerabilities within your application portfolio. You can also view component usage and license risk information.
Greenlight Usage
Data on Greenlight scan usage by users and by language, as well as findings results.
Sharing dashboards
You can select the share icon () The share icon in the bottom-right corner of each dashboard to share a link to the dashboard. You have the option to copy the link to your clipboard or to send the link by email, which opens your email client.
Customizing dashboards
If you want to view data differently than the predefined dashboards, you can modify existing dashboards and visualizations to suit your own needs. You have the ability to customize dashboards and visualizations to view your data in different ways. You can also save and share customized dashboards to your personal space, or with other people on your team.
Dimensions and measures data dictionary
View descriptions for all dimensions and measures to understand the data elements used in Veracode Analytics.