Security Assessments

Desktop scan

  1. Open the desktop app.
  2. Select a local folder.
  3. Start the scan and monitor progress.
  4. Review results in the report view.

Pre-scan checklist (recommended)

  • Assets: confirm service owner, exposure, and route patterns for critical services.
  • Policy: ensure rule packs and promotions are set to the desired stage.
  • Threat intel: sync feeds if new intel is expected.

CLI scan (CI/CD)

  • Run the CLI with the project path and tenant token provided by your admin.
  • Configure your pipeline to fail builds based on policy gates where required.
  • Store artifacts and reports as part of your CI audit trail.

Scheduling and cadence

  • Baseline: run on every pull request for critical repos.
  • Routine: run nightly on active services.
  • Audit: run monthly on legacy or low-change systems.

Typical outputs

  • Findings with evidence and confidence.
  • A summary report for stakeholders.
  • Optional fix suggestions when available.

Operational guidance

  • Treat high severity findings as priority incidents.
  • Review medium severity items within a defined SLA.
  • Track exceptions via your internal risk acceptance process.
  • Use voting and feedback to improve community rule quality when enabled.
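
Example policy gate

This example applies the policy gate from the CLI scan (CI/CD) section, together with the severity and exception handling from Operational guidance, to one scan report. It is an added example, not the product's own code. The report schema, the exceptions map, and the gate() function with its fail_at and min_confidence parameters are assumptions, because this page does not document the CLI's report format.

```python
import json
import sys
from datetime import date

RANK = {"low": 1, "medium": 2, "high": 3}

# Constructed sample report; the schema (id/severity/confidence) is assumed.
SAMPLE_REPORT = json.dumps({"findings": [
    {"id": "F-001", "severity": "high", "confidence": 0.95},
    {"id": "F-002", "severity": "high", "confidence": 0.90},
    {"id": "F-003", "severity": "high", "confidence": 0.90},
    {"id": "F-004", "severity": "high", "confidence": 0.30},
    {"id": "F-005", "severity": "medium", "confidence": 0.90},
    {"id": "F-006", "severity": "critical", "confidence": 0.80},
]})

# Constructed risk acceptances: finding id -> expiry date (ISO 8601).
SAMPLE_EXCEPTIONS = {"F-002": "2099-01-01", "F-003": "2020-01-01"}


def gate(report_json, exceptions, fail_at="high", min_confidence=0.7, today=None):
    """Return (exit_code, blocking_ids, review_ids) for one scan report."""
    today = today or date.today()
    blocking, review = [], []
    for f in json.loads(report_json)["findings"]:
        # Fail closed: an unrecognised severity label ranks as the highest.
        rank = RANK.get(str(f.get("severity", "")).lower(), max(RANK.values()))
        if rank < RANK[fail_at]:
            continue
        expiry = exceptions.get(f["id"])
        if expiry and date.fromisoformat(expiry) >= today:
            continue  # covered by an unexpired risk acceptance
        # A missing confidence counts as 1.0, so the finding still blocks.
        # Low-confidence findings do not break the build but are surfaced.
        if float(f.get("confidence", 1.0)) < min_confidence:
            review.append(f["id"])
        else:
            blocking.append(f["id"])
    return (1 if blocking else 0), blocking, review


if __name__ == "__main__":
    code, blocking, review = gate(SAMPLE_REPORT, SAMPLE_EXCEPTIONS)
    print("blocking:", blocking)
    print("needs review:", review)
    sys.exit(code)  # non-zero exit fails the pipeline step
```

An expired acceptance (F-003) blocks again, so exceptions cannot silently outlive their review date.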