Dashboard

The Dashboard provides the quickest way to review the overall health of applications you manage. The Dashboard is displayed by default when you log into IQ Server. If you are in any other location of the IQ Server, click the Dashboard icon  on the IQ Server toolbar.


Using the Dashboard requires IQ Server with the Lifecycle or Auditor license. The Dashboard only displays information for applications you are permitted to see, requiring a user assigned to the Developer role for at least one application.

The Dashboard is organized into two areas: Filters and Results.

Filters

The Filter menu is located on the left side of the Dashboard. To adjust any of the various filters, click the filter label to see available options. For example, you can filter by organization, by policy violations found within a specific stage, or by policy type. Once you’ve adjusted the filters, click the Apply button to update the violations list. To save an applied filter selection, click Save button in the footer. Saved filters can be loaded from the dropdown at the top of the sidebar. 

Results

Dashboard Results display information based on applied filters.

The Violations view is the default view for the Dashboard. It displays data for the last 30 days and shows the first one hundred, newest policy violations found in your applications. You can also view Component and Application results using the tabs to change views.

The Components view displays the 100 highest risk components based on any filters that have been set and the user's level of access. Risk is represented in several ranges (Total, Critical, Severe, Moderate and Low). Total risk for each component is calculated by adding the threat level of all policies violated by the component within each range.

The Applications view displays the 100 highest risk applications, also based on any filters that have been set and the user's level of access.  As with components, risk is split up into several ranges.  Total risk is calculated by adding the threat levels of all policy violations in each range.  Risk is broken down by stage and also summarized into cross-stage totals.


NEW IN RELEASE 94
Clicking a violation in the Violations view opens the Violation Details page. The Violation Details page presents information on the violated policy, as well as the different stages the violation has been identified in. For seurity violation a detailed explanation on the vulnerability is also provided. The Manage Waivers button allows viewing, adding and deleting waivers for selected violation. See Manage Waivers for Violation for more info.

Clicking a component in the Components view opens the Component Details page. The Component Details page presents known coordinates for the component and all violations that have been found, organized by application. Risk information for each component is also provided:

Export Data

Export data displayed in the current results view using the Export Data button.

Results are saved on your local computer as a .csv file. The first row of the .csv file contains column names. The 'Date First Seen' column is in ISO 8601 format. The 'Timestamp First Seen' column has the same date, but in standard unix time format. 

Policy Violation Trends

The Policy Violation Trends feature has been superseded by Success Metrics, and was removed from IQ Server in version 1.40.

Prior to IQ Server 1.40, Export Violations Data was contained within a View menu alongside Calculate Trends. Selecting Calculate Trends from the View menu opens the Policy Violation Trends dialog. This shows policy violations trends for your current filter. Policy Violation Trends display a twelve-week look at how risk is entering your applications and how you are handling that risk, and also shows progress for all time. Calculating trends can take some time depending on the number and size of matching evaluations.