# Security

The Securrity Report contains the following information:

<details>

<summary>App Info</summary>

* **Name.** The name of the app.
* **Mendix App ID.** The Mendix App ID for this app (also known as a 'project ID').
* **Hosting platform.** The hosting platform that AppControl detected this app on.
* **App repository.** The app repository that this app is using to store it's project files.

</details>

<details>

<summary>Environment Info</summary>

* **Name.** The name of the environment.
* **URL.** The URL of the environment.
* **Mendix Version.** The Mendix version in use by this environment.
* **Model Version.** The model version that is currently deployed to this environment.

</details>

<details>

<summary>Policy Compliance</summary>

The policy compliance tile shows a summary of the results of the policy check for the revision that is deployed to the selected environment. For each policy check category the following information is displayed:

* **Total check results.** The total number of failed check results. (check result = unique combination of check type and specific element)
* **Percentage.** The percentage shows the percentage of checks (=check types) that were configured for this scorecard that passed (= did not generate any failed check results).
* **Star rating.** The star rating is a simple visualization of the percentage of checks that passed where 100% = 5 stars.

</details>

<details>

<summary>Vulnerable Components</summary>

The vulnerable components tile shows a summary of the components used by the currently deployed revision that have known vulnerabilities. For each vulnerable component the following information is displayed:

* **Component Type.** The type of component.
* **Name.** The name of the component.
* **Version.** The component version.
* **Vulnerabilities.** The list of known vulnerabilities.

</details>

<details>

<summary>Security Risks</summary>

The security risks tile shows a summary of the security risks found in the currently deployed revision. Security risks represent all security type policy checks that have a high risk that failed. For each detected risk the following information is displayed:

* **Severity.** The severity level of the risk.
* **Risk ID.** The policy check ID of the risk.
* **Security Risk.** A brief description of the risk.
* **Element Type.** The type of app element that is affected by this risk.
* **Vulnerabilities.** The number of vulnerabilities of this type that were found in the app.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bluestorm.io/dashboards/insights/reports/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.