Secbez Docs

Dashboard

The Secbez dashboard — repositories, scan history, findings, baselines, and policy configuration.

The dashboard is the central view for monitoring the security posture of every connected repository.

Repositories

The repositories view lists every connected repo with:

  • The most recent scan and its status.
  • Open finding counts grouped by severity.
  • The active baseline scan reference.
  • Links to scan history and configuration.

Scan run page

Every scan has its own run page showing:

  • Status timeline — queued → running → completed / failed, with per-step duration.
  • Step trace — which detectors ran, how many candidates each emitted, where time was spent.
  • Budgets used — files, bytes, candidates, LLM calls, time. Truncation reasons are surfaced if any budget was hit.
  • Findings — every finding produced by this scan, grouped by file and severity.

Step traces are useful when investigating an unexpected result — you can see whether a detector skipped a file, whether the graph indexer ran, and whether enrichment timed out.

Findings feed

The main findings view aggregates findings across all repositories. Each finding row shows:

  • Severity badge (critical, high, medium, low).
  • Category (e.g., SQLi, broken access control, IDOR/BOLA).
  • File path and line number.
  • Status (open, suppressed, fixed).
  • Repository.
  • Confidence and whether an invariant agent reviewed it.

Use the filters to narrow down findings:

  • Severity.
  • Category and rule ID.
  • Repository / branch.
  • Status (open, suppressed, fixed, needs-review).
  • New vs. baseline.
  • Agent verdict (confirmed, inconclusive).

The Command Palette (Cmd+K / Ctrl+K) jumps straight to a repository, scan run, or finding by ID.

Baseline

Each repository has a baseline — the set of findings persisted from its last full scan. Findings that match the baseline are reported as pre-existing; anything else counts as new. The baseline view lets you:

  • See every pre-existing finding in the repo.
  • Suppress findings in bulk.
  • Re-baseline after a remediation effort closes a batch of findings. Re-baselining only records the current finding set as known; it does not fix anything, so any finding still open when you re-baseline will stop appearing as new.

Policy

The policy editor lets you adjust severity thresholds for warn/fail outcomes per repository. See Policy & Merge Checks for the threshold model.
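The two ideas above, baseline matching and a severity threshold gate, as an added example in Python. This is not Secbez's code and the page does not describe how Secbez matches findings across scans: the fingerprint used here (rule ID, file path and a whitespace-collapsed snippet, with the line number deliberately left out so that unrelated edits that shift lines do not turn an old finding into a "new" one), the Finding fields, and the warn_at / fail_at threshold names are assumptions for illustration. The real threshold model is on the Policy & Merge Checks page.

```python
"""Illustrative baseline diff and warn/fail gate (added example, not Secbez's own code).

Assumptions not stated on the page: findings are matched across scans by a
fingerprint of (rule_id, path, normalized snippet), and the policy gate is
evaluated only against findings that are new relative to the baseline.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}


@dataclass(frozen=True)
class Finding:
    rule_id: str   # hypothetical rule identifier
    severity: str  # one of SEVERITY_RANK
    path: str
    line: int
    snippet: str   # the flagged source line(s)


def fingerprint(f: Finding) -> str:
    """Stable identity for a finding. Runs of whitespace are collapsed and the
    line number is ignored, so reformatting or shifting code keeps the same ID."""
    norm = re.sub(r"\s+", " ", f.snippet).strip()
    return hashlib.sha256(f"{f.rule_id}|{f.path}|{norm}".encode()).hexdigest()[:16]


def diff_against_baseline(
    baseline: Iterable[Finding], current: Iterable[Finding]
) -> Tuple[List[Finding], List[Finding], List[Finding]]:
    """Return (new, fixed, pre_existing) relative to the baseline."""
    base = {fingerprint(f): f for f in baseline}
    cur = {fingerprint(f): f for f in current}
    new = [cur[k] for k in cur if k not in base]
    fixed = [base[k] for k in base if k not in cur]
    pre_existing = [cur[k] for k in cur if k in base]
    return new, fixed, pre_existing


def evaluate_policy(new_findings: Iterable[Finding],
                    warn_at: str = "medium", fail_at: str = "high") -> str:
    """'fail' if any new finding reaches fail_at, 'warn' if any reaches warn_at,
    otherwise 'pass'. Thresholds are per-repository settings in this model."""
    ranks = [SEVERITY_RANK[f.severity] for f in new_findings]
    if not ranks:
        return "pass"
    worst = max(ranks)
    if worst >= SEVERITY_RANK[fail_at]:
        return "fail"
    if worst >= SEVERITY_RANK[warn_at]:
        return "warn"
    return "pass"


# Constructed sample data (not from a real scan).
BASELINE = [
    Finding("SQLI-001", "high", "app/db.py", 40,
            "cur.execute('SELECT * FROM users WHERE id=' + uid)"),
    Finding("IDOR-002", "medium", "app/views.py", 88,
            "doc = Document.get(request.args['id'])"),
]
CURRENT = [
    # Same SQLi, but code above it was edited so it moved from line 40 to 52.
    Finding("SQLI-001", "high", "app/db.py", 52,
            "cur.execute('SELECT * FROM users WHERE id=' + uid)"),
    # Brand-new finding introduced in this change.
    Finding("XSS-003", "critical", "app/templates.py", 12,
            "return Markup(user_input)"),
]


def gate_outcome() -> str:
    """Diff the constructed scans and apply the default thresholds."""
    new, _fixed, _pre_existing = diff_against_baseline(BASELINE, CURRENT)
    return evaluate_policy(new)


if __name__ == "__main__":
    new, fixed, pre_existing = diff_against_baseline(BASELINE, CURRENT)
    print("new:", [f.rule_id for f in new])
    print("fixed:", [f.rule_id for f in fixed])
    print("pre-existing:", [f.rule_id for f in pre_existing])
    print("merge check:", gate_outcome())
```

The shifted SQLi finding is classified as pre-existing rather than new because the fingerprint ignores line numbers; the IDOR finding that no longer appears is reported as fixed; only the new critical XSS drives the gate, which fails at the default high threshold. Note that the pre-existing high-severity SQLi does not block the merge under this model, which is exactly why the baseline should be reviewed rather than treated as a clean slate.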

Audit log

The audit log records suppressions, baseline changes, policy changes, and access events. It is useful for compliance reviews and post-incident analysis, for example to establish who suppressed a finding or lowered a threshold, and when.
