Dashboard (home)

Your dashboard provides an overview of your overall security posture. You can get to your dashboard by clicking the home icon on the sidebar.

Dashboard overview

This represents your total SBOMs and vulnerabilities across all time. The date range filter does not apply to these widgets.

Widget
Description

Total products all time

This shows the total number of products that you have managed since you began using Helm.

In Helm, you can manage a different SBOM for each product and version, to ensure that you understand and can effectively manage and communicate risk mitigation efforts across your total software supply chain.

Product versions with SBOMs

You can either upload an SBOM .json file, then specify the product and version all in the same step, or you can add your products and versions, then upload an SBOM for each product/version combo. This percentage shows you the number of product versions that you or someone on your team has uploaded SBOMs for.

Vulnerabilities over time

These widgets represent your vulnerabilities for a selected date range. You can view this over all versions within a product or for a particular product version.

Widget
Description

Total vulnerabilities

This shows the number of vulnerabilities that you have for the selected criteria.

Critical severity vulnerabilities

This shows the number of critical-level (CVSS score of 9-10) vulnerabilities that you have for the selected criteria.

Unremediated vulnerabilities

This shows the number of unremediated vulnerabilities that you have for the selected criteria.

Top 5 impacted products

Each donut chart represents the total number of vulnerabilities that have been detected in each of your products across all of their respective SBOM dependency components, within the selected date range, products, and versions, as well as the percentage of vulnerabilities in each level of severity.

You can view these widgets across all of your products and versions, or filter down to view particular products and versions.

Get more details:

Hover over the donut chart to display a View details button. Click that button to drill down into details for that product.

Add your first product:

  1. If you haven’t added a product yet, you’ll see an Add new product button in this section.

  2. Click this to specify the product name, then click Save.

  3. To view your new product, click the Products option in the sidebar. Your new product will be selected in the products drop-down.

  4. You’ll now need to add a version for this product. In the version drop-down, select Create version.

  5. Specify the version, then click Save. Your new product version will be selected. You’re now ready to upload your SBOM.

Widget
Description

Total vulns (in donut chart)

This is the total number of vulnerabilities across this product within the selected date range.

Critical severity

This is the number of critical severity vulnerabilities that have been detected in each of your products across all of their respective SBOM dependency components, within the selected date range, products, and versions.

Critical items have CVSS scores on a dark red background.

High severity

This is the number of high severity vulnerabilities that have been detected in each of your products across all of their respective SBOM dependency components, within the selected date range, products, and versions.

High items have CVSS scores on a light red background.

Medium severity

This is the number of medium severity vulnerabilities that have been detected in each of your products across all of their respective SBOM dependency components, within the selected date range, products, and versions.

Medium items have CVSS scores on a light orange background.

Low severity

This is the number of low severity vulnerabilities that have been detected in each of your products across all of their respective SBOM dependency components, within the selected date range, products, and versions.

Low items have CVSS scores on a light green background.

Top 5 vulnerable dependencies

This shows your top 5 most vulnerable dependency components within the selected date range, products and versions.

Widget
Description

Dependency name

This shows the name of the dependency component that is contained within your selected products and versions.

Version

This shows the version for the dependency component that is contained within your selected products and versions.

Supplier

This shows the supplier for the dependency component that is contained within your selected products and versions.

Total vulnerabilities

This shows the total number of vulnerabilities that you have not yet remediated for this dependency component.

Products impacted

This shows the number of your products that are impacted by this dependency component, meaning that the corresponding SBOM contains this dependency component. If you are viewing one product, this will show 1/1, but if you are viewing all of your products, this will show 1/n, with n being your current number of products.

Products impacted %

This shows the number of your products impacted by this dependency component across your selected products. If you are viewing 1 product, this will show 100%, but if you are viewing all of your products, this will show the percentage of your products that are impacted.

Actions

You can click the View button to drill down to view how many times a dependency component is used across your selected products and versions. From the search results, click Jump to product or Jump to vulnerabilities.

If you jump to this product, you’ll be able to see which product and product versions contain that dependency component and version. From the Actions > … button, you can choose to view more details, add a review note, view review history, and more.

If you jump to vulnerabilities for this dependency component, you can view the applicable vulnerabilities. From the Actions > … button, you can manage each vulnerability, including adding review notes and setting the Resolution. If you change this resolution, it will update the Product impact status.

Last updated

© Copyright MedCrypt 2024, All rights reserved.

#294: EOL release docs

Change request updated