Golden Fixes Dashboard

Data Refresh Frequency: Open violation data is updated daily at 1:00 pm UTC. Golden version suggestions are updated weekly.

Displays Data for: All open violations (regardless of the date they were opened) and resolved violations on or after January 1, 2024. For new installations, data will be visible within a week after the first scan.

To view historical data (generated before January 1, 2024) version 188 or higher is required.

Minimum Requirements: Applications must be scanned at least once, after upgrade to version 184. The dashboard currently shows data related to violations and remediations that are discovered after upgrade to version 184.

The Golden Fixes Dashboard helps you discover the potential impact of adopting golden fixes across your organization. Golden Fixes are validated, policy-aligned pull requests that automatically remediate open violations. This dashboard highlights how many violations could be resolved with Golden Fixes and helps you identify where they can have the greatest impact across your organization.

By providing clear visibility into security improvements that can be achieved with minimal effort, the dashboard enables you to view how many open policy violations could be remediated through golden pull requests. This gives executives, security teams, and development teams actionable insights into low-effort fixes that can significantly improve their security posture.

Use filters like date range, application, threat level, component type, and more to focus your view and identify the most impactful opportunities for remediation.

Golden Fixes are validated component versions that resolve security violations without introducing breaking changes. When a component has a golden fixes available, you have multiple upgrade options that can eliminate vulnerabilities while maintaining application functionality. These fixes are automatically identified by analyzing component dependencies and suggesting safe upgrade paths that have been verified as policy-compliant.

Our dynamic dashboard lets you drill into your application’s golden fixes profile with a rich set of filters. Narrow your view by date range, organization, application (and its category), policy threat level, policy name, development stage, and component type.

Date Range: Defaults to last 12 months. Adjustable to any custom period.

Organization: Select one or more customer organizations.

Application: Choose specific applications or all.

App Category: Filter by business unit or project type.

Policy Threat Level:

Component Type: Ecosystem filters (Maven, npm, NuGet, etc.).

Development Stages

Use these controls to slice and dice your risk data, hone in on trouble spots, and track progress across your teams and projects.

The build stage is selected by default.

Total Open Violations

This metric displays the total count of open (non-waived) security violations across all applications within your selected filters. This represents your baseline security exposure before applying any golden fixes.

Violations with Golden Fixes Available

This section shows both the count and percentage of open violations that can be resolved using golden fixes. This metric helps you understand what portion of your current security exposure can be addressed through low-effort remediation.

The percentage calculation removes the "A" from the display to show: "Violations with Golden Fixes Available" rather than "Violations with A Golden Fixes Available."

This gives you immediate insight into the potential impact of implementing a golden fixes strategy across your organization.

Violations with Golden Fixes Available by Threat Level

This pie chart breaks down Golden Fix opportunities by policy threat level, showing the following distribution across:

• Critical (threat levels 8-10)

• Severe (threat levels 6-7)

• Moderate (threat levels 3-5)

• Low (threat levels 1-2)

Use this visualization to prioritize your golden fixes adoption strategy, focusing first on critical and severe vulnerabilities that can be resolved with minimal effort. The chart shows both count and percentage for each threat level.

Applications and Components with Golden Fixes Available

Applications with Golden Fixes Available

This table lists applications that contain violations eligible for golden fixes remediation.

For each application, you can see the following :

• Application Name

• Number of Violations that can be resolved with golden fixes.

• Last Scan Date (based on the most recent open violation detected).

Applications that have been scanned but contain no violations will not appear in this table, as there are no security issues requiring remediation.

Golden Fixes Available for Components

This detailed table shows the specific golden fixes options available for your components. Each row represents a golden version recommendation rather than a unique component, meaning you may see the same component listed multiple times with different suggested versions.

Note

When the same component appears multiple times with different golden versions, this indicates you have options for remediation. You can select any of the suggested versions to resolve the violations without breaking changes.

The violation counts should not be summed across different golden versions of the same component, as implementing any one golden version will resolve all violations for that component across all applications.

This table includes:

• Component Name and Current Version

• Golden Version (recommended upgrade target)

• Number of Applications using this component

• Violation Count that would be resolved

Example:

If http-client 1.0.0 appears twice with golden versions 1.2.0 and 1.3.0, both options will resolve the same violations. Choose either version based on your compatibility requirements and development preferences.