Select Reports in the navigation bar and choose “Organization Report” from the dropdown.
The Organization Report in CloudDefense provides a comprehensive overview of your organization's security posture, helping you identify critical risks, understand trends, and prioritize remediation efforts. This report includes the following sections:
Summary Report
Top Vulnerabilities Applications
Top Vulnerabilities by Scan
Percentage of Scans by Language
OWASP Top 10
OWASP Top 10 Category
Secrets
SANS Top
SANS Top Category
Severity Over Time
Teams by Vulnerability
Vulnerabilities by Ageing
Top 10 Applications
Suppressed Rules
You can change the organization you're viewing by selecting it from the dropdown menu at the top of the screen.
Summary Report
The Summary Report provides a high-level view of your organization's security status, showing counts of suppressed rules, total applications scanned, Super Admins, Team Admins, and App Users. This summary helps you understand the overall security landscape of your organization.
Top Vulnerabilities Applications
The Top Vulnerabilities Applications section displays the distribution of vulnerabilities across CRITICAL, HIGH, MEDIUM, and LOW levels. The total number of vulnerabilities is displayed on the left end of the bar. The chart offers a clear picture of which applications have the most significant security risks.
Top Vulnerabilities by Scan
In the Top Vulnerabilities by Scan section, you can see a bar chart illustrating the distribution of vulnerabilities by scan type. The types include SCA, API, SAST, Container, and DAST, and the total number of scans is shown on the left end of the bar.
Percentage of Scans by Language
The Percentage of Scans by Language section reveals the distribution of programming languages used in your applications. It covers various languages and displays a bar chart that helps you understand your applications' tech stack.
Knowing which programming languages are used most frequently in your organization's applications allows you to tailor your security strategies accordingly.
OWASP Top 10
The OWASP Top 10 section features a pie chart distribution of the most critical security risks, as outlined in the OWASP Top 10. This globally recognized standard helps developers and security teams understand and address the most critical security vulnerabilities.
Understanding the OWASP Top 10 vulnerabilities present in your applications helps you follow industry best practices and reduce your risk by prioritizing remediation for these critical issues.
OWASP Top 10 Category
The OWASP Top 10 Category section breaks down the vulnerabilities into individual horizontal bar graphs, each showing the distribution of CRITICAL, HIGH, MEDIUM, and LOW vulnerabilities within the respective categories.
Secrets
The Secrets section presents a pie chart that shows the percentage distribution of different types of secrets detected in your application scans. This includes various tokens, access IDs, API keys, and other sensitive information.
Detecting secrets like tokens and API keys in your source code is critical to preventing data breaches. This report helps you identify and remediate exposed secrets quickly.
SANS Top
The SANS Top section features a bar chart that displays the percentage distribution of all SANS counts detected in the application scans. It provides valuable insights into how your organization fares against the most dangerous software weaknesses.
By understanding which SANS categories are most prevalent, you can align your development and security practices with the latest recommendations.
SANS Top Category
The SANS Top Category section provides a structure similar to the OWASP Top 10 Category, with horizontal bar graphs displaying the distribution of vulnerabilities across CRITICAL, HIGH, MEDIUM, and LOW levels within each SANS category.
Severity Over Time
The Severity Over Time section shows a timeline of the number of vulnerabilities resolved. It features a curve that indicates how many CRITICAL, HIGH, MEDIUM, and LOW vulnerabilities have been resolved, helping you understand the remediation progress.
By analyzing the remediation progress, you can measure the efficiency of your security team and identify potential areas for improvement.
Teams by Vulnerability
The Teams by Vulnerability section presents horizontal bar graphs that show the number of vulnerabilities across different teams. Each graph illustrates the number of CRITICAL, HIGH, MEDIUM, and LOW vulnerabilities.
This section enables managers to identify which teams are most affected by vulnerabilities, ensuring appropriate resource allocation for remediation efforts.
Vulnerabilities by Ageing
The Vulnerabilities by Ageing section displays the age of vulnerabilities since they were first detected, grouped in days. The vertical bars stack CRITICAL, HIGH, MEDIUM, and LOW vulnerabilities, helping you identify aging security risks.
Aging vulnerabilities pose a significant risk to the organization. Understanding their age helps prioritize remediation efforts for the most critical, long-standing issues.
Top 10 Applications
The Top 10 Applications section ranks the top 10 applications based on their total findings. This ranking gives you a quick overview of which applications require immediate attention.
By addressing the vulnerabilities in these top 10 applications, your organization can significantly improve its security posture.
Suppressed Rules
The Suppressed Rules section lists the rules that have been placed on the allowed list and are suppressed for a given time period. It displays their severity, language, and names.
This section helps you keep track of which rules have been suppressed, ensuring that non-critical issues are properly managed while still maintaining a secure development environment.