Overview

Have a look at your secure software development lifecycle posture assessment and get an overview of the risks this specific asset poses to your organization.

ProducerA developer, anyone who works on code

SourceGitHub, GitLab, BitBucket

BuildGitLab Runner, GitHub Actions

DistributionDockerhub, NPM-Package-Registry

ConsumerUser, Kubernetes Infrastructure

DependenciesAlpine, an NPM-Package

React Flow

This diagram displays the current state of your software development lifecycle. It shows which threats are mitigated already as well as which threats are still open. The threat model is heavily based on the proposed threat model by .

Details of your secure software development lifecycle

Asset Risk

21.62

The total risk this asset poses to the organization

Open Vulnerabilities

0 same compared to last month

Handled Vulnerabilities

0 same compared to last month

Total Vulnerabilities

0 same compared to last month

Open Vulnerabilities

Showing the distribution of vulnerabilities based on the risk range and the scan type.

Vulnerable Components

The following components have the highest risk score

debian/openssl

Version 3.0.15

14.50 Risk

cross-spawn

Version 7.0.3

5.17 Risk

debian/gcc-12

Version 12.2.0

1.95 Risk

Low severity

Average fixing time for low severity flaws

Medium severity

Average fixing time for medium severity flaws

High severity

Average fixing time for high severity flaws

Critical severity

Average fixing time for critical severity flaws

Risk Trend

The development of the overall risk value in the past months.

Overview

Threats and mitigations4/15

Asset Risk

Open Vulnerabilities

Handled Vulnerabilities

Total Vulnerabilities

Open Vulnerabilities

Vulnerable Components

Low severity

Medium severity

High severity

Critical severity

Risk Trend