Skip to main content
Version: 6.0.0

Module Security

N|Solid provides a backstop to your CI/CD dependency scanning by constantly downloading new vulnerability reports and checking the 3rd party libraries it sees loaded in memory against known security vulnerabilities, alerting you immediately if a new report matches your system. With build-based scanning, this typically would be invisible--once it makes it to the production it has already been scanned. So if the vulnerability is reported after your scan you are in the dark--no more if you're using N|Solid.

Detecting Security Vulnerabilities

The Security View

If there are any vulnerabilities found in your applications, the Security option in the global Navigation dropdown menu will show a red icon. Click there to see a list of vulnerabilities found for the processes matching the current Global Filter.

tip

See more about Filtering here

Nav Menu

Clicking on Security in the Nav Bar will display the Security Vulnerabilities view. This view displays a list of all the vulnerabilities found across all applications matching the Filter.

Security Vulnerabilities View

All of the vulnerabilities found in all applications will be listed on the left. The numbered badge in that list indicates the number of applications which are affected by the vulnerability.

You can use the Hide/Show toggle on the right to have the vulnerability ignored when determining the number of vulnerabilities across all of your applications.

Vulnerable Processes in the Dashboard

From the Dashboard, vulnerabilities can also be found by clicking the Modules tab below the main Dashboard table. This provides a summarized view of the main Security Vulnerabilities view.

Dashboard Vuln view

Vulnerability Information in the Scatterplot

Selecting the Vulnerability Sort option in the Scatterplot will highlight vulnerable processes with a bright red dot, and secure processes will be shown with a light colored dot.

Scatterplot Vulns

Configuring Notifications for Security Vulnerabilities

To enable notifications for vulnerabilities, go to the Global Configuration menu.

Settings Menu

Scroll down to the section Vulnerability Notifications. Here you can add Integrations integrations to be invoked when a new vulnerability is found.

Global Vuln Config