Project Summary Tab

Project Modules

Modules represent a unit of code that's part of the overall data that makes up a CodeCertify project. Modules help your team to understand, mange and report on more granular units of risk as part of the whole CodeCertify project. Modules are helpful because they also allow your team to create take actions and create policy for the module independent of the whole project.

Adding a module

A new module can be added by selecting the Add Moudle link shown at the top of the module pane. This produces a dialog that enables you to select the origin of the module. This is a contextual dialog and varies among Threatrix products.

The Drag and Drop options are available by default. `Connect` options will depend on your organizations configuration. If you have On Premise source control management systems that are not shown, those can be configured through the Admin panel.

Deleting a Module

Delete a module both removes it from your CodeCertify project and also deletes the underling SecureCore project represented by the module.

Removing a Module

Removing a module removes the module from the CodeCertify project but does not delete the underlying SecureCore project that's represented by the module.

Moving a Module

A module may also be moved to a different project, which may be helpful for various reasons.

Choosing to move a module will produce a dialog from which you can select the destination project denoted by AIC for AICertify projects and CC for CodeCertify projects.

Branch and tag module alignment

CodeCertify helps your team manage reporting associated by aggregating data across your modules. Aligned modules can then be used to generate currently and historical release reports to share with interested parties, like team members or regulators.

This feature requires that your ThreatAgent(link) scan setup include both branch and tag information that will be used to populate the options in the respective drop down menus

By selecting s specific branch and tag, those modules containing scans configured with the respective branch and tag values will be selected across all modules. This allows your team to quickly create reports for a given release.

Once your aligned your modules, all reports will contain only the data from specific scan for each module. Simply select a report type to export the report.

CodeCertify Project Review Status & Metrics

CodeCertify projects allow your team to review artifacts to Approve, Reject or Ignore the artifacts in order to classify their risk and generate actionable policy. Summarized Review status metrics provide a useful measure of completion.

By default, the review status reflects aggregated data for all modules included in the project.

CodeCertify Module review status and meta data

By selecting a module, you can view the review status for individual modules. When a module is selected, the Modules most recent scan meta data is also displayed.

Module Menu Items

Adding Module to a report

By default, all modules in a project are exported to generated reports. However, one or more modules may be selected to create reports from a subset of the complete data for project by selecting the "Add to report" icon shown below.

Scan History

Scan history is kept forever, even beyond the end of time as we have made a pact with the universe to store data in the ether. Ok, not really, but we keep scan data until you fire us. You can see the complete scan history for a module by selecting the Scan Hisotry icon shown below.

Re scan

A module can be rescaned by clicking the Scan Again icon:

Licenses

By default, the licenses tab reflects a unique list of licenses across all modules. You can display the licenses for a single module by selecting the module in the left module pane.

Vulnerabilities

By default, the licenses tab reflects a unique list of licenses across all modules. You can display the licenses for a single module by selecting the module in the left module pane.