SAMMY UI is optimized for resolutions with a width 1024px and higher.
DSOMM
Browse DSOMM
T-KPI-2-1: Number of vulnerabilities/severity
T-KPI-2-2: Number of vulnerabilities/severity/layer
T-KPI-2-3: Patching mean time to resolution via PR
T-KPI-3-1: Fix rate per repo/product
T-KPI-3-2: Generation of response statistics
T-KPI-3-3: SLA per criticality
T-KPI-4-1: Patching mean time to resolution via production
Number of vulnerabilities/severity/layer
T-KPI-2-2: Number of vulnerabilities/severity/layer
  • Measurement and communication of vulnerabilities per severity for components like applications. At least quarterly.
Description

Communication can be performed in a simple way, e.g. text based during the build process. This activity depends on at least one security testing implementation. Layers to consider (SCA): - Cloud provider (if insights are possible) - Runtimes, e.g. Kubernetes nodes - Base images and container images - Application Layers to consider SAST/DAST: - Cloud provider - Runtime, e.g. Kubernetes - Base images and container images - Application