Once a violation is “found,” security engineers review it, assign it a State (e.g., “In progress”), and, after investigation, mark it “Resolved” or “Not processed” if it’s a false positive or low priority.
##### Use Cases **\#1. Updating Vulnerable Dependencies** A daily NPM scan detects outdated packages in a Node.js project. Engineers mark the report as "In progress", update the dependencies, and resolve the issue. **\#2. Server Configuration Errors** A SERVER\_SCAN identifies open ports. The IT team secures the ports and marks the violation as "Resolved". **\#3. Sync Discrepancies** A SYNC scan flags code inconsistencies after deployment. Developers review the logs, sync configurations, and close the report. **\#4. False Positives Management** An automated scan reports a minor issue. The security team reviews the report and marks it as "Not processed" if deemed harmless. ##### Typical Workflow **1. Daily/Periodic Scans** A security scanner (via API integration, not by default) runs on a server or code repository on a set schedule, reporting: "notFound" – No issues detected. "found" – Issues identified for review. **2. Report Creation** The system automatically creates a Violation Report entry, or a security engineer manually logs it. Fields include: **Server name**: Which server was scanned. **Tool**: Name of the scanning tool (e.g., NPM, SERVER\_SCAN, SYNC). **Result**: Was a violation discovered (found) or not? **State**: Whether the issue is “Not processed,” “In progress,” or “Resolved.” **Project**: Which project or environment the server is linked to. **Created at/Updated at**: Timestamps for when the record was created or last updated. **Description**: Any extra details or logs from the scan. **3. Engineer Review** A security engineer checks the new violations. If the issue needs action, they mark it as “In progress.”Once it’s handled or deemed harmless, they set State to “Processed” (or a similar status).
##### Table View Use **Table** view for a spreadsheet-style overview, sortable and filterable by any column. By default, you’ll see:| Column | Description |
|---|---|
| **Severity** ⇅ | Visual severity icon (— for Medium, ↓ for Low, ↑ for High/Critical). Click to sort by severity level. |
| **Created at** ⇅ | Timestamp when the report was first logged. |
| **Title** | Clickable report name; opens the Edit panel. |
| **CVSS v3 Score** | The numeric CVSS score (e.g. 7.5). |
| **Assigned to** | One or more engineer names/UIDs. |
| **Tool** ⇅ | Scanning tool (e.g. NPM, SYNC, SERVER\_SCAN). Click to sort. |
| **Scan type** | Code base or Server scan. |
| **Component** | If Code base → module or repo path. |
| **Server name** | If Server scan → hostname or IP. |
| **Project** | Linked project name. |
| **SLA** | Target remediation date / time. |
| **Updated at** | Timestamp of the most recent update to the report (status change, reassignment, or edit). |
| ****Status**** |
**Overdue alert:** If the SLA has expired and the report is not closed, the SLA cell is shaded **red** to draw immediate attention.
> **Violation Reports – Clickable Title** > In the Table view for Violation Reports, the **Title** column entries are clickable: clicking any Title opens the full-width “View Violation Report” drawer, displaying all of that report’s fields, history, attachments, resolution summary, and close details. **Sorting & Total:** Sort reports by any column. The **Total** count shows how many entries match your current view. ##### Board (Kanban) View > **Board** view—a Kanban-style layout groups reports into columns by **Status**. Drag & drop cards between **Open**, **In Progress**, **Resolved** to update their status in real time.**Warning:** Deleted violation reports cannot be restored. Be sure you no longer need the record before confirming deletion**.**
##### Filtering & Searching 1. **Filter Panel:** Click **Filter** to narrow by **Status** or **Tool**. 2. **Search Bar:** Type a partial or full server name in the **Search** field to find specific reports instantly.