Threatrix Documentation
Threatrix
  • Getting Started
  • Developer Quick Start
  • SecureShip
    • Artifactory Scanning
    • ThreatAgent Scanning
  • Threat Center
    • Creating Account
      • OAuth Login
    • Entity Dashboard
    • User Profile
  • AICertify
    • Reviewing Results
  • codecertify
    • Quick Start
    • Project Summary Tab
    • Components Tab
      • Custom Components
        • Adding
        • Editing
        • Important Notes
      • Header Panel
      • Module Tree Panel
      • Results Panel
        • Card View
        • Risk Graph View
      • Audit History
    • Assets Tab
      • Custom Asset Matches
        • Adding Asset Match
  • securecore
    • Project Dashboard
    • ThreatScan
    • Scan Results
  • Threat Agent
    • Threat Agent Overview
    • Threat Agent - Installation & Scanning
    • Scan Summary Reports
    • Resolving Errors
    • Scanning Container Images
  • Integrations
    • Dependency Managers
      • RENV
    • Build Integrations
      • AWS CodeBuild
      • Azure DevOps
      • Bitbucket Pipeline
      • CircleCI
      • GitHub Action
      • GitLab Pipeline
      • Jenkins Pipeline
    • SCM Integrations
      • GitLab
      • Bitbucket
    • Issue Management
      • Jira
    • Notifications
  • Policy Management
    • Policy Overview
    • Creating Policies
    • Policy Conditions
    • Policy Actions
    • Policy Scopes
  • Administration
    • User Management
    • Organization Settings
      • Organization Knowledge Base
      • Integration
        • Slack Integration
        • Jira Integration
        • Service Keys
    • RBAC
    • Entity Management
    • Okta
      • Okta Org2Org Integration
  • GraphQL API
    • API Overview
  • Resources
    • Dependency Managers
      • PIP
    • Dictionary
    • Licenses
    • Security & Privacy
    • Binary File Support
  • Hybrid / On Premise
    • Getting Started
    • Installation
    • Upgrade
    • Setup
    • Cloud Data Disclosure
    • Troubleshooting
Powered by GitBook
On this page

Was this helpful?

  1. Threat Agent

Scan Summary Reports

Scan summary reports are integrated directly into a pull/merge request and enable your team to quickly assess the risk and policy violations associated with the most recent build integrated scan.

PreviousThreat Agent - Installation & ScanningNextResolving Errors

Last updated 1 year ago

Was this helpful?

Configuration

An SCM access token is necessary to enable the creation of comments against pull requests. A personal access token may be used for this purpose, but we highly recommend that a service user be created and managed by the administrator of your SCM. A PAT for the service user requires only repo rights to the repositories on which PR comments will be created.

The new access token will need to be added as a secure environment variable build system as SCM_AUTH_TOKEN

Scans must be launched as a result of a git pull/merge request originating from your SCM.

Summary reports are created as a comment attached to your pull/merge request. They include quantitative summary data for Vulnerabilities, Licenses, Asset composition, and associated policy violations. Users may click the project name to be redirected directly to the project page to review the full scan results.

See for more details.

Installation & Configuration