Threatrix Documentation

Project Summary Tab

Last updated 3 months ago

Project Modules

Modules represent a unit of code that's part of the overall data that makes up a CodeCertify project. Modules help your team to understand, manage and report on more granular units of risk as part of the whole CodeCertify project. Modules are also helpful because they allow your team to take actions and create policy for the module independent of the whole project.

Adding a module

A new module can be added by selecting the Add Module link shown at the top of the module pane. This produces a dialog that enables you to select the origin of the module. This is a contextual dialog and varies among Threatrix products.

The Drag and Drop options are available by default. `Connect` options will depend on your organization's configuration. If you have On Premise source control management systems that are not shown, those can be configured through the Admin panel.

Deleting a Module

Deleting a module both removes it from your CodeCertify project and deletes the underlying SecureCore project represented by the module.

Removing a Module

Removing a module removes the module from the CodeCertify project but does not delete the underlying SecureCore project that's represented by the module.

Moving a Module

A module may also be moved to a different project, which may be helpful for various reasons.

Choosing to move a module will produce a dialog from which you can select the destination project, denoted by AIC for AICertify projects and CC for CodeCertify projects.

Branch and tag module alignment

CodeCertify helps your team manage reporting by aggregating data across your modules. Aligned modules can then be used to generate current and historical release reports to share with interested parties, like team members or regulators.

This feature requires that your ThreatAgent scan setup include both branch and tag information, which is used to populate the options in the respective drop-down menus.

By selecting a specific branch and tag, those modules containing scans configured with the respective branch and tag values will be selected across all modules. This allows your team to quickly create reports for a given release.

Only modules that contain scans with the selected values will be displayed and used for reporting. Be sure to double check the results to ensure all necessary modules are included.

Once you have aligned your modules, all reports will contain only the data from the specific scan for each module. Simply select a report type to export the report.

CodeCertify Project Review Status & Metrics

CodeCertify projects allow your team to review artifacts and Approve, Reject or Ignore them in order to classify their risk and generate actionable policy. Summarized review status metrics provide a useful measure of completion.

By default, the review status reflects aggregated data for all modules included in the project.

CodeCertify Module review status and meta data

By selecting a module, you can view the review status for individual modules. When a module is selected, the module's most recent scan metadata is also displayed.

Module Menu Items

Adding Module to a report

By default, all modules in a project are exported to generated reports. However, one or more modules may be selected to create reports from a subset of the complete data for the project by selecting the "Add to report" icon shown below.

Scan History

Scan history is kept forever, even beyond the end of time, as we have made a pact with the universe to store data in the ether. Ok, not really, but we keep scan data until you fire us. You can see the complete scan history for a module by selecting the Scan History icon shown below.

Re scan

A module can be rescanned by clicking the Scan Again icon:

Licenses

By default, the licenses tab reflects a unique list of licenses across all modules. You can display the licenses for a single module by selecting the module in the left module pane.

Vulnerabilities

By default, the licenses tab reflects a unique list of licenses across all modules. You can display the licenses for a single module by selecting the module in the left module pane.

Figures (images not reproduced): CodeCertify Project Summary Tab; CodeCertify project modules pane; CodeCertify Add Module Dialog; CodeCertify Choose a project dialog; CodeCertify branch and tag module scan alignment; CodeCertify report export menu; CodeCertify Single module metrics; CodeCertify Module Add to Report; CodeCertify module scan history; CodeCertify module rescan; Licenses for all modules; Licenses for selected module.