SOOS displays metrics at the top of the Developer dashboard for you to easily keep track of what you're scanning.  Read below for a quick guide to understanding what these metrics are telling you.

  • Sites - The total number of web applications being scanned. (Only applicable when SOOS DAST is enabled.)
  • Manifests - The total number of manifests scanned between all your projects.
  • Packages - The total number of unique packages and versions, that were found in all projects across all manifests.
    • If Scan Full Dependency Tree is turned on in the Configure page, this number will reflect packages throughout full dependency trees.
  • Vulnerabilities - This displays the total number of new and pending vulnerabilities detected among all of your projects.  Read more about Vulnerabilities here.
  • Violations -This represents the number of policy violations exist among all of your projects. Read more about Violations here. 
    • The number of violations may exceed the number of manifests and/or packages because individual packages may violate several policies, and several different packages may violate the same policies.  
  • Web Vulnerabilities - This is the number of vulnerabilities detected in the scanned web applications.  (Only applicable when SOOS DAST is enabled.) Read more about Web Vulnerabilities here.
  • Substitutions - This indicates the count of possible dependency substitutions that were identified among all projects. Read more about Dependency Substitutions here.
  • Typos - This represents the number of possible typos identified in your dependencies across all projects. Read more about Dependency Typos here.

Please note: If issues have been suppressed in any of your projects, they will not be reflected in the issue count for the corresponding issue type.

Clicking the filter icon in each of the tiles will filter the list of projects shown on the Developer Dashboard to only display those that contain the selected issue type.  

  • Recent Issues - SOOS uses the phrase issues to refer to vulnerabilities and violations, etc. as a whole.  The Recent Issues list is a preview of the most recent issues that have been identified across all projects, sorted from the most to the least severe. 
    • Refer to the Viewing Your Issues article to read more about viewing details of your identified issues.