Portfolio-level security

If you have a portfolio of systems in Sigrid and licenses enabled for Security, Security will be visible in the top bar.

Your URL will be of the convention https://sigrid-says.com/[clientname]/-/open-source-health, whereas system details will follow https://sigrid-says.com/[clientname]/systemname/-/open-source-health.

Another way to arrive here is clicking on the top capability tiles on the Portfolio overview page. See the portfolio overview page.

Moving from portfolio level to system level

Since the portfolio view is a summary of system level findings, please refer to the system-level view of Open Source Health. For example, clicking on a system name in the portfolio overview will bring you to the system’s details.

Portfolio-level Security overview

The security overview page shows a summary of findings and estimated severity. From left to right, the tiles read as follows:

In the bottom part of the screen, each system is shown with a summary of its counts: number of findings per CVSS risk category and Finding age counts. For larger portfolios it may be useful to sort these on different characteristics. Its menu, by default set on sorting order by total number of “Finding”, is as follows:

Sorting can also be done per columns (here, the total number of “Critical risk” findings as an example). The top right bottom for exporting the data as a spreadsheet may be useful for further analysis.