Skip to main content

Lifecycle Dashboard

Lifecycle’s dashboard is the fastest way to baseline and monitor the health of your applications. The dashboard provides insights into your organization's open-source consumption and helps you prioritize the highest risk.

Users need the View IQ Elements permission for at least one application to view the dashboard.

Dashboard Results

The dashboard results display information based on the applied filters. The same filters continue across the different views with the results differing depending on the selected view.

Features common across tabs on the dashboard.

  • Filters - Focus on specific violations. Save your custom views to match your workflow. Research the highest risk across each development team.

    See Dashboard Filters for details.

  • Sort - Select the column headers to change how the data is organized. For example, you may prioritize the highest risk or the latest violations.

  • Export Data - Save the content of any view to a spreadsheet for a point-in-time review or to generate custom reports.

  • Total Risk - is the aggregated policy threat scores for the scoped violations on a component across the scoped application reports. Use the filters to update the scoped violations and applications.

Violations View

The Violations view displays the policy violations found in applications you have permission to view.

Selecting a violation opens the Violation Details Popover showing the violating policy and the stages where the violation has been identified. Security violations include a detailed explanation of the vulnerability.

see Export Violation Data

Prioritize and Remediate

  • Filter results to newly discovered critical violations that have occurred in the last few days to coordinate a response with your development teams on the best path forward.

  • See the latest breaking violations across your build pipeline; review the violation details while requesting a waiver without having to navigate to individual scan reports.

Audit Risk throughout the Organization

  • Generate a detailed view of risk across business units. Export the view to deliver reports to stakeholders and business intelligence tooling.

Components View

The Components view organizes components based on their total risk to the enterprise. The threat scores assigned to policy violations are aggregated by component and anywhere the component is found in the filter's application scope. The risk is also calculated across the threat ranges; critical, severe, moderate, and low to apply additional meaning to the total score.

Selecting a component opens the component risk overview page which displays the applications the component is found as well as a breakdown of the violations.

see Export Component Data

Prioritize and Remediate

  • Select the components with the most risk and provide remediation instructions to the team members of each of those applications.

Audit Risk throughout the Organization

  • Export a list of all the components used in your organization.

Applications View

The Applications view provides a high-level baseline of your total organization risk and which applications have the greatest risk. Access the latest reports for each stage that have been evaluated for the application

The threat scores are assigned to policy violations from the application scan report and aggregated based on the current filters. The risk is also calculated across the threat ranges; critical, severe, moderate, and low to apply additional meaning to the total score.

see Export Applications Data

Prioritize and Remediate

  • Identify applications’ aggregated risk to prioritize remediation

Audit Risk throughout the Organization

  • Generate a baseline report of total risk to track over time. Use these totals to estimate the effectiveness of your SCA program and the value the tool is generating.

Waivers View

The waiver view shows waivers based on your filter selections. Click on a waiver to navigate to see the waiver's details.

The Upgrade column indicates when an upgrade is available for a waived component. This configuration is not set by default.

Learn more about Waived Component Upgrades Configuration.

see Reference: exporting waiver data

Prioritize and Remediate

  • Use the expiration date filter to review soon-to-expire waivers for build-failing violations to proactively remediate or renew the waiver.

  • See which components have a non-violating version so development has a clear path forward.

Audit Risk throughout the Organization

  • Revoke permanent waivers that do not have an exploration date

  • Review waivers that are overly broad potentially hiding critical risk

  • Audit existing waivers for quality and compliance

Select Export Waivers Data to download the waiver data to a CSV file.

Field name

Field value

Waiver Id

Unique waiver ID generated by IQ server at the time of waiver creation

Threat level

Threat level associated with the policy to be waived

Created Date

Date of waiver creation (format yyyy-mm-ddThh:mm:ssZ 'T' is a quoted character and 'Z' represents UTC)

Expiration Date

Date when the waiver is set to expire (format yyyy-mm-ddThh:mm:ssZ 'T' is a quoted character and 'Z' represents UTC)

Policy Id

Unique policy ID generated by IQ Server at the time of policy creation

Policy Name

Name of the policy to be waived (e.g. Security-critical, Integrity-Rating, Security-High etc)

Policy Constraints

Conditions and constraints checked by the policy that is waived by this waiver

Scope Type

The scope of the waiver determines whether the policy waiver will be applied to a specific org, application or repository.

Scope Id

IQ server generated scope ID, useful for automation with REST APIs

Scope Name

Organizational level at which the waiver is created.

Component Match Strategy

Match strategy can be all components, all versions, or exact match.

Component Hash

Unique component identifier

Component Name

Name of the component associated with the policy that is waived by this waiver


Indicates that an upgrade is available for the waived component. (Waived Component Upgrades must be configured.)

Created by Id

Userid of waiver creator

Created by Name

Username of the waiver creator


Optional descriptive comments for the waiver