Security

The Securrity Report contains the following information:

App Info

  • Name. The name of the app.

  • Mendix App ID. The Mendix App ID for this app (also known as a 'project ID').

  • Hosting platform. The hosting platform that AppControl detected this app on.

  • App repository. The app repository that this app is using to store it's project files.

Environment Info

  • Name. The name of the environment.

  • URL. The URL of the environment.

  • Mendix Version. The Mendix version in use by this environment.

  • Model Version. The model version that is currently deployed to this environment.

Policy Compliance

The policy compliance tile shows a summary of the results of the policy check for the revision that is deployed to the selected environment. For each policy check category the following information is displayed:

  • Total check results. The total number of failed check results. (check result = unique combination of check type and specific element)

  • Percentage. The percentage shows the percentage of checks (=check types) that were configured for this scorecard that passed (= did not generate any failed check results).

  • Star rating. The star rating is a simple visualization of the percentage of checks that passed where 100% = 5 stars.

Vulnerable Components

The vulnerable components tile shows a summary of the components used by the currently deployed revision that have known vulnerabilities. For each vulnerable component the following information is displayed:

  • Component Type. The type of component.

  • Name. The name of the component.

  • Version. The component version.

  • Vulnerabilities. The list of known vulnerabilities.

Security Risks

The security risks tile shows a summary of the security risks found in the currently deployed revision. Security risks represent all security type policy checks that have a high risk that failed. For each detected risk the following information is displayed:

  • Severity. The severity level of the risk.

  • Risk ID. The policy check ID of the risk.

  • Security Risk. A brief description of the risk.

  • Element Type. The type of app element that is affected by this risk.

  • Vulnerabilities. The number of vulnerabilities of this type that were found in the app.

PreviousGovernanceNextUsers

Last updated