Security

Security is your single dashboard for the security and health of everything Cendriix builds and runs — automated scans, compliance posture, code health, CI failures, and breach monitoring. Access via Govern → Security in the sidebar.

What it is

Rather than chasing security data across tools, Security brings it into one place: what’s been scanned, what passed, what needs attention, and what’s actively at risk. It’s organized into five areas.

Compliance

Track your compliance frameworks (such as SOC 2) as a list of controls, each showing pass / fail / warning status, severity, and when it was last checked. An overall compliance score and summary counts tell you where you stand at a glance.

Security Scans

See your scan runs grouped by date, covering the main scan types:

  • SAST — static analysis of your source code.
  • Secret Detection — leaked keys and credentials.
  • SBOM — software bill of materials / dependency inventory.
  • IaC — infrastructure-as-code misconfigurations.
  • Container Scan — image vulnerabilities.

Each run shows its status and detailed findings — severity, the rule that fired, the file location, and a message. You can trigger scans manually.

Code Health

Per-repository quality metrics: test coverage (with a visual bar), the number of flaky tests, and a technical-debt score based on how much high-churn code is left uncovered.

CI Failures

Automatically analyzed CI pipeline failures — each with a likely root cause, a confidence score, whether it looks auto-fixable, and a link to the fix PR when one exists.

Breach Detection

Active breach and vulnerability alerts, with a severity breakdown, mean time to resolution (MTTR), and an incident-response history showing each alert, the runbook used, its status, and how long it took to resolve.

See also: Policies & Guardrails, Audit Log, RBAC & SSO
