| title | description |
|---|---|
Reporting |
Track scan activity, vulnerabilities, and developer insights across your organization. |
Reporting brings together scan activity and security outcomes so you can track trends, progress, and ownership.
Where to find reporting
- In the app sidebar, open
Reportingto access: Generalfor security and developer insightsScansfor scan operations and PR policy statusAgingfor vulnerability aging and overdue trend analysis (available when policies are enabled)
General reporting tabs
Code Vulnerabilitiesshows unique vulnerability counts, category coverage, false positives, remediation progress, MTTR, and burn-down trends.
Code Qualityhighlights open vs fixed issues, severity distribution, categories, languages, and top projects.
SCAsummarizes dependency vulnerabilities by severity, ecosystem, package, and direct vs transitive impact.
IaCbreaks down infrastructure findings by severity, provider, service, rule, and IaC type.
Developer Insightscombines developer feedback and Corgea Agent usage trends, decisions, and active users.
Filters and time controls
- Use the project and tag filters to scope all charts to a single project or set of tags.
- For time-series charts, choose a date range and group by day, week, or month.
- Severity filters on supported charts let you focus on critical, high, medium, or low issues.
Scans reporting
Scansfocuses on operational visibility, including PR policy status, repositories covered, full scans, PR scans, and scan performance over time.
Aging report
- The aging report highlights overdue issues, average age, and where risk is accumulating by project and assignee.