Product Demo: Organization Security Dashboard

View All Vulnerabilities In Your Organization with the ActiveState Platform

For a limited time, the Organization Security Dashboard is available to all users. Click here to sign up.

What is the organization security dashboard?

View the vulnerabilities of all your projects across your entire organization. You can quickly find affected projects with major vulnerabilities, and incorporate the dashboard into existing scheduled reports. Note that vulnerabilities are not detected in real time; results are computed daily.

Viewing Your CVE Dashboard

Access your dashboard from the Vulnerabilities (CVEs) tab of your organization page, and use the search field to find specific CVEs across your entire organization.

Each column on the dashboard provides important information about the vulnerabilities present in your organization’s projects.

Severity

The severity of the vulnerability (“critical”, “high”, “medium”, “low”, and “unscored”) is derived from the National Vulnerability Database (NVD) Common Vulnerability Scoring System (CVSS 3.x). By default, vulnerabilities are listed in descending severity, from “critical” to “not scored”.

Name and Description

Items in the Name field show the vulnerability as listed in the NVD. The link provided goes to the vulnerability details page on the NIST website, which includes the Description and information such as the current severity base score and known affected software configurations.

Projects Affected

Multiple projects may be listed, as the same vulnerability may occur in different projects.

Click the link in this column to go to the Configuration tab of the affected projects.

Packages Affected

This column may include more than one package, as the same vulnerability may affect different packages.

More information about CVEs and how to remediate risks can be found here.

Interacting with the Dashboard

Filtering

You can Filter the dashboard to show certain levels of threats and only view public or private projects. When a filter is applied, it removes the filtered items completely from the results. Reset Filter will revert the dashboard to the default state of all fields being active.

Filtering your results can help save time reviewing vulnerabilities. For example, if remediation is only required for “critical” CVEs, you can filter the dashboard results to show only “critical” CVEs.

Searching

Using the Search field will simultaneously search through the packages and dependencies of all projects in your organization to find a specific CVE. The search matches against all columns (severity, name, description, projects affected, and packages affected). This can be useful if there is a credible threat or vulnerability in the news: you can quickly search for affected projects in order to assess the impact.

At this time we do not support advanced searches (such as the use of “-” to denote NOT, parentheses for exact matches, etc.).

Click Clear to clear your search.

Downloading a Report

Your CVE organization security dashboard can be downloaded as a .csv file by clicking the Download Report button on the Vulnerabilities (CVEs) tab of your organization’s page on the Platform. The report contains fields for:

  • Package name
  • CVE name
  • Threat severity
  • Status as a public or private project

The .csv file containing your report can be easily imported into existing workflows, or shared with others who may not have access to the organization’s Platform account.
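As an added example (not ActiveState's own code), the script below shows one way to feed the downloaded report into an existing workflow: it parses the .csv, normalizes severities, and lists the CVEs per package at or above a chosen severity, optionally for public or private projects only. The column header names and the sample rows are assumptions, since this page lists the report's fields but not the exact headers.

```python
import csv
import io
from collections import defaultdict

# Assumed header names: the page lists the report's fields but not the exact
# column headers, so adjust these to match the downloaded file.
COL_PACKAGE, COL_CVE, COL_SEVERITY, COL_VISIBILITY = (
    "Package name", "CVE name", "Threat severity", "Project status")

# Same order as the dashboard default: descending severity, unscored last.
SEVERITY_ORDER = ["critical", "high", "medium", "low", "unscored"]

def load_findings(csv_text):
    """Parse report rows; empty or unknown severity labels become 'unscored'."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        sev = (row.get(COL_SEVERITY) or "").strip().lower()
        if sev not in SEVERITY_ORDER:
            sev = "unscored"
        findings.append({
            "package": (row.get(COL_PACKAGE) or "").strip(),
            "cve": (row.get(COL_CVE) or "").strip(),
            "severity": sev,
            "visibility": (row.get(COL_VISIBILITY) or "").strip().lower(),
        })
    return findings

def triage(findings, min_severity="critical", visibility=None):
    """Return {package: sorted CVE list} for findings at or above min_severity."""
    cutoff = SEVERITY_ORDER.index(min_severity)
    by_package = defaultdict(set)
    for f in findings:
        if SEVERITY_ORDER.index(f["severity"]) > cutoff:
            continue
        if visibility and f["visibility"] != visibility:
            continue
        by_package[f["package"]].add(f["cve"])  # set drops repeated rows
    return {pkg: sorted(cves) for pkg, cves in sorted(by_package.items())}

# Constructed sample rows with placeholder CVE ids, not real findings.
SAMPLE_REPORT = """Package name,CVE name,Threat severity,Project status
examplelib,CVE-0000-0001,Critical,private
examplelib,CVE-0000-0001,Critical,public
examplelib,CVE-0000-0002,Low,private
otherpkg,CVE-0000-0003,High,public
otherpkg,CVE-0000-0004,,public
"""

if __name__ == "__main__":
    for pkg, cves in triage(load_findings(SAMPLE_REPORT), "high").items():
        print(pkg, ", ".join(cves))
```

Because results are computed daily, a scheduled job running this against a fresh download once a day sees every update the dashboard does.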


New to the ActiveState Platform? Here’s how to get started, once you’ve created your free account. Use our Platform to build a custom environment for your next project, including just the language and packages your project needs.

  • Choose a language (Python, Perl, Tcl or Ruby)
  • Select your operating system (Linux, Windows, Mac)
  • Add the packages your project requires

ActiveState regularly pulls packages from each language’s standard open source repository (CPAN, PyPI, etc) to ensure that your open source language and components are up to date, can be compiled from source, and are then verified to work together in a distribution that is packaged for most major operating systems. Go ahead and try our beta today! We are hanging out at our Community Forum to provide support as you explore.

Individual users can get started with the ActiveState Platform for free. For use by organizations or teams of individuals, explore our paid plans.