diff --git a/docs/.gitbook/assets/image (574).png b/docs/.gitbook/assets/image (574).png new file mode 100644 index 000000000000..e01bf6e467ac Binary files /dev/null and b/docs/.gitbook/assets/image (574).png differ diff --git a/docs/.gitbook/assets/image (576).png b/docs/.gitbook/assets/image (576).png new file mode 100644 index 000000000000..54406a5e14e9 Binary files /dev/null and b/docs/.gitbook/assets/image (576).png differ diff --git a/docs/.gitbook/assets/image (577).png b/docs/.gitbook/assets/image (577).png new file mode 100644 index 000000000000..cb7990863100 Binary files /dev/null and b/docs/.gitbook/assets/image (577).png differ diff --git a/docs/.gitbook/assets/image (578).png b/docs/.gitbook/assets/image (578).png new file mode 100644 index 000000000000..bda49698347a Binary files /dev/null and b/docs/.gitbook/assets/image (578).png differ diff --git a/docs/.gitbook/assets/image (579).png b/docs/.gitbook/assets/image (579).png new file mode 100644 index 000000000000..4ec5decce4ea Binary files /dev/null and b/docs/.gitbook/assets/image (579).png differ diff --git a/docs/.gitbook/assets/image (580).png b/docs/.gitbook/assets/image (580).png new file mode 100644 index 000000000000..4ec5decce4ea Binary files /dev/null and b/docs/.gitbook/assets/image (580).png differ diff --git a/docs/.gitbook/assets/image (581).png b/docs/.gitbook/assets/image (581).png new file mode 100644 index 000000000000..122bac325cf4 Binary files /dev/null and b/docs/.gitbook/assets/image (581).png differ diff --git a/docs/.gitbook/assets/image (582).png b/docs/.gitbook/assets/image (582).png new file mode 100644 index 000000000000..70677c5322e9 Binary files /dev/null and b/docs/.gitbook/assets/image (582).png differ diff --git a/docs/.gitbook/assets/image (583).png b/docs/.gitbook/assets/image (583).png new file mode 100644 index 000000000000..85d662830fbd Binary files /dev/null and b/docs/.gitbook/assets/image (583).png differ 
diff --git a/docs/.gitbook/assets/image (584).png b/docs/.gitbook/assets/image (584).png new file mode 100644 index 000000000000..6714064155c3 Binary files /dev/null and b/docs/.gitbook/assets/image (584).png differ diff --git a/docs/.gitbook/assets/image (585).png b/docs/.gitbook/assets/image (585).png new file mode 100644 index 000000000000..40663e6e1d6c Binary files /dev/null and b/docs/.gitbook/assets/image (585).png differ diff --git a/docs/getting-started/snyk-web-ui.md b/docs/getting-started/snyk-web-ui.md index 524a8da0c04b..b1bc3f287659 100644 --- a/docs/getting-started/snyk-web-ui.md +++ b/docs/getting-started/snyk-web-ui.md 
@@ -24,35 +24,9 @@ If you navigate to the Group level and select the Organizations page, you will s Asset Dashboard is available only for Snyk AppRisk Essentials users. If you use Snyk AppRisk Pro, see [Application Analytics](../manage-risk/enterprise-analytics/application-analytics.md). {% endhint %} -On the Snyk AppRisk dashboard page, you can add widgets that display an overview of your application and security controls. +The Snyk AppRisk Asset Dashboard reporting page provides a comprehensive overview of the security controls associated with your application. It presents critical metrics and data regarding your assets, such as scan coverage and a detailed breakdown of your inventory categorized by asset class, source, and other relevant information. Furthermore, the dashboard includes an extensive global filtering option, enabling users to filter results based on specific applications and owners, using the context data related to the application. -You can customize the dashboard widgets as desired. Choose to rename or modify display configurations, or add multiple widget instances. - -#### Configure a widget - -You can customize your dashboard with the available widgets. You can change the settings of an existing widget or the way it is displayed. You have the ability to move a widget around the dashboard, rename it, display or hide the legend, view it in full screen, export or download it. - -For details on archived or deleted repositories and the information presented in the dashboard widgets, see [Repositories assets](../manage-assets/assets-inventory-layouts.md#repository-assets). - -#### Settings menu - -You can make several changes to a widget. All widgets allow you to change the name. Other particular settings are available for each widget. To access the **Settings** menu: - -1. Select a widget and click the **Setting** menu. -2. Customize the widget by changing its name or other specific details. -3. Click **Apply**. 
- -#### Widget menu - -You can access the full list of general options from the widget menu. To do this: - -1. Select a widget and click the menu available in the top right corner of the widget. -2. Select one of the following actions: - * **View in full-screen** - * **CSV export** - * **XLS export** - * **Download PNG** - * **Download PD** +Navigate to the [Asset Dashboard](../manage-issues/reporting/available-snyk-reports.md#asset-dashboard) documentation section for more details. ### View and manage your assets inventory @@ -207,7 +181,7 @@ Reporting is available only with Enterprise plans. For more information, see [pl You can view [reports](../manage-issues/reporting/) to gain visibility and insights into the state of all your Projects, vulnerabilities, and license issues. You will find detailed definitions for information on the reports in the tooltips in the Reporting user interface. -The Reports page is available at both the Group and Organization levels. +The Reports page has all report types available at both the Group and Organization levels. The exception to the rule is the Asset Dashboard report, which is available only at the Group level. ### View and prioritize issues diff --git a/docs/manage-issues/reporting/available-snyk-reports.md b/docs/manage-issues/reporting/available-snyk-reports.md index 04a846880717..47c9bf774fa8 100644 --- a/docs/manage-issues/reporting/available-snyk-reports.md +++ b/docs/manage-issues/reporting/available-snyk-reports.md @@ -12,6 +12,7 @@ The following reports are available: * [CWE TOP 10 KEV report](available-snyk-reports.md#cwe-top-10-kev-report) * [Cloud Compliance Issues report](available-snyk-reports.md#cloud-compliance-issues-report) * [Developer IDE and CLI usage report](available-snyk-reports.md#developer-ide-and-cli-usage) +* [Asset Dashboard](available-snyk-reports.md#asset-dashboard) Select **Change Report** to change the report displayed: 
@@ -27,9 +28,7 @@ The Issues Detail report displays all known issues in all of your Projects that The Issues Detail report displays the number of issues as well as the number of unique vulnerabilities that make up the issues. -Quick aggregations are available by categories including **Severity**, **Product Name**, and **Issue Type**: - -
Quick aggregation for Issues Detail report

Quick aggregation for Issues Detail Report

+Quick aggregations are available by categories including **Severity**, **Product Name**, and **Issue Type.** Individual issues are displayed in a table according to the selected category. You can modify columns as needed. @@ -39,12 +38,6 @@ For a table of only the unique vulnerabilities, use Change Report to switch to t The Issues Summary report highlights the value that Snyk is providing by enabling both the identification and resolution of issues. -
- -
Issues Summary report

Issues Summary report

- -
- The report provides a glimpse into how well teams are optimizing the use of the Snyk platform for their workflow and provides a means to measure and improve security. This report enables you to easily understand the current state and trends of the highest security risk items. This report also provides a quick view into where risk is coming from and where remediation efforts are most and least effective. @@ -61,12 +54,6 @@ Key metrics are then broken down to point out information at the Organization or The Vulnerabilities Detail report is similar to the Issues Detail report but shows issues grouped by Snyk Problem ID ([see Snyk Vulnerability DB](https://security.snyk.io/vuln)). -
- -
Vulnerability Details report

Vulnerability Details report

- -
- You can easily see how many instances of a vulnerability exist and how many Projects are affected. Use this report to understand which vulnerabilities are most prevalent for both resolution and prevention use cases. For a table of Total Issues, use Change Reports to switch to the Issues Detail report. @@ -83,18 +70,12 @@ This report addresses primary scenarios for managing and resolving emerging zero Use this report to discover your exposure to issues highlighted in a zero-day publication across various Targets and Projects. The report helps you prioritize zero-day issues and monitor the progress of remediation efforts against any remaining occurrences. -
Featured Zero-Day Report

Featured Zero-Day Report

- The [Security team at Snyk](https://snyk.io/platform/security-intelligence/) continuously updates the [Vulnerability Database](https://security.snyk.io/) with new vulnerabilities several times a day. When the team discovers a major new zero-day vulnerability—typically in a widely used package with high severity that affects many customers—it will be announced and addressed as a zero-day event. Upon the announcement of a new zero-day event, begin by examining the **Impacted Targets** table to gain a deeper understanding of the exposure. Use filters such as Project Lifecycle, Environment, or Project Criticality to focus solely on Targets associated with Projects in production that are externally exposed or of high criticality. Gaining such insights depends on the [availability of Project attributes](../../snyk-admin/snyk-projects/project-attributes.md#available-attributes-and-their-values). -
Impacted Targets table

Impacted Targets table

- Next, proceed to the **All** **Issues** table and compile a prioritized list of issues requiring remediation. Typically, prioritization is determined by either the Snyk [Risk Score](../../manage-risk/prioritize-issues-for-fixing/risk-score.md) or NVD CVSS Score, with emphasis placed on addressing vulnerabilities within sensitive targets. Apply filters based on Project Lifecycle, Environment, or Project Criticality to identify and address these targets promptly. -
All Issues table

All Issues table

- For continuous monitoring of remediation progress and efficacy, refer to the trend diagrams.\ The **Accumulative Issues Backlog Trend** diagram shows the weekly changes in the zero-day backlog by accumulating the weekly delta between identified and resolved issues. Use this diagram to ensure that your R\&D teams are reducing the zero-day backlog consistently, which will be indicated by a negative trend line. @@ -104,30 +85,18 @@ In parallel, review the **Issues Identified versus Resolved over Time** diagram The SLA (Service Level Agreement) Management report provides new levels of visibility into your SLA governance and compliance across Snyk Groups, Organizations, and Targets. It provides the means to assess the remediation time against SLA targets and prioritize the next steps to achieve the desired results. -
SLA Management report

SLA Management report

- The report presents the SLA targets with default values based on common security standards, for example, FedRAMP. Within the report, users can modify each SLA target according to their security requirements. -
Editable SLA targets

Editable SLA targets

- Users can share the report with predefined SLA targets by sharing the URL of the report. Users can also return to a predefined SLA report by bookmarking the web page in their browser. In the open issues section, the SLA severity breakdown shows a distribution of severity levels by the SLA compliance status of the viewed Group or Organization. The SLA trend indicates whether the viewed Group or Organization meets the expected progress toward SLA compliance. -
Open issues section

Open issues section

- The SLA breakdown table allows you to compare the SLA compliance results of Organizations in the Group view, or Targets in the Organization view. The table is sorted by default according to the quantity of breached issues. Use the filters to view counters for specific severities only. -
SLA breakdown table

SLA breakdown table

- The breached and at-risk open issues table helps you prioritize issues based on their aging and SLA compliance status. -
Breached issues table

Breached issues table

- You can also review the SLA results for resolved issues and perform a retrospective analysis. -
Resolved Issues section

Resolved Issues section

- ## OWASP Top 10 report The [OWASP Top 10](https://owasp.org/www-project-top-ten/) is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks for web applications and is globally recognized by developers as the first step towards more secure coding. @@ -140,26 +109,18 @@ For example, the critical vulnerability [SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720 Learn more by using the [OWASP TOP 10 Learning path](https://learn.snyk.io/learning-paths/owasp-top-10/) on Snyk Learn. -
OWASP Top 10 Distribution of Control and Issues by Severity dashboards

OWASP Top 10 Distribution of Control and Issues by Severity dashboards

- -
A list of of the OWASP controls, and a breadkdown of the issues by severity

A list of of the OWASP controls, and a breadkdown of the issues by severity

- The report is based on the latest mapping released in 2021. The supported products are Snyk Open Source, Snyk Container, and Snyk Code. ## CWE Top 25 report The [CWE Top 25](https://cwe.mitre.org/top25/) Most Dangerous Software Weaknesses is a list that demonstrates the current most common and impactful software weaknesses based on Common Vulnerabilities and Exposures (CVEs) severity and their exploitation potential. -
CWE Top 10 report

CWE Top 10 report

- The report is based on the latest version released in 2023 by Mitre. The supported products are Snyk Open Source, Snyk Container, and Snyk Code. ## CWE Top 10 KEV report The [CWE Top 10 KEV Weaknesses](https://cwe.mitre.org/top25/archive/2023/2023\_kev\_list.html) list identifies the top ten CWEs in the Cybersecurity and Infrastructure Security Agency’s (CISA) [Known Exploited Vulnerabilities](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) (KEV) Catalog, a database of security flaws in software applications and weaknesses that have been exposed and leveraged by attackers. -

CWE TOP 10 KEV

- The report is based on the version released in 2023 by Mitre. The supported products are Snyk Open Source, Snyk Container, and Snyk Code. ## Cloud Compliance Issues report @@ -194,8 +155,6 @@ This report focuses on the local developer experience and thus does not include Security teams can use this report to demonstrate strong shift left behavior as model behavior to bring to other teams. This report also shows where teams or individual developers are not adopting Snyk locally. Companies can use this report to encourage more shift left behavior. -
Developer IDE and CLI usage

Developer IDE and CLI usage

- This report shows the test usage in the IDE and CLI by developers: * Total number of developers running scans and the number of scans in IDE and CLI 
@@ -203,3 +162,131 @@ This report shows the test usage in the IDE and CLI by developers: * List of organizations and developers adopting Snyk locally Teams can filter by date and Organization.\ + + +## Asset Dashboard + +The Asset Dashboard provides a comprehensive overview of your application and security controls. It displays essential data such as the status and trends of open issues, control coverage, and repository metadata. + +The Asset Dashboard is a central hub for managing and reviewing assets, making tracking inventory size easier over time and understanding the interaction between different asset types. + +While Snyk Inventory enables the discovery and management of your assets that should be secured, the Snyk Asset Dashboard allows you to go beyond the details and better understand the main building blocks of your inventory. \ +\ +The Asset Dashboard brings all the asset data that is available in your inventory and helps to answer various questions, such as: + +* Does my AppSec program meet the coverage requirements for business-critical assets and strategic applications? +* Are the assets being classified properly according to their criticality? +* Do you know which repositories belong to which application or code owners? Are newly introduced repositories being updated with that data? +* What are the main programming languages and package managers that are used in repositories that have been worked on recently? + +### Filters + +The filters are located at the top left of the page, with the following filtering options: **Asset Class**, **Asset type,** **Add filter**. The filter selection applies to all available data widgets. 
+ +Here are the available filters: + +| Filter | Description | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Asset Class | The business criticality of an asset (A - most critical to D - least critical). | +| Asset type | The type of an asset (Container image, Package, Repository). Most data widgets already present certain asset types by default. | +| \*Application | The list of the applications for which you have configured the application context catalog in Snyk AppRisk. | +| \*Catalog name | The name of your application context catalog. | +| \*Category | The category of a repository asset. For example, `service` or `library`. | +| Discovered | The period when the asset was discovered. | +| Last Seen | The period when the asset was last imported from the integration. | +| \*Lifecycle | The lifecycle state of the application context catalog component. For example `production`, `experimental`, `deprecated`. | +| \*Owner | The team that owns the repository for which the application context catalog was configured. | +| Repository Freshness |

The last commit date in the repository:

| +| Source | The integration that imported the asset. | +| Tags | The asset tags. For more details about tagging assets using a policy, see the [Tagging policy](../../manage-risk/policies/assets-policies/use-cases-for-policies/tagging-policy-use-case.md) page. | +| \*Title | The name of the component for which the application context catalog was configured. | + +**\***All filters marked with `*` are visible only if you configured the [application context](../../scm-ide-and-ci-cd-integrations/snyk-scm-integrations/application-context-for-scm-integrations/) catalog for your SCM integrations. + +### Repository coverage widget + +The repository coverage widget provides an overview of the percentage of scanned repositories compared to the total number of available repositories, using integrated Snyk or third-party security products. + +Hover over any column to see how the coverage percentage is calculated. + +

Repository Coverage

+ +### Asset class breakdown + +The asset class breakdown widget surfaces the distribution of repositories and container images by [asset class](../../manage-assets/assets-inventory-components.md#class). Reviewing this widget allows you to determine the percentage of business-critical assets in your inventory and drill down to see the actual assets. + +{% hint style="info" %} +**Tips** + +* Having the context of the asset class is crucial for prioritizing assets. It is recommended to categorize your inventory by implementing [classification policies](../../manage-risk/policies/assets-policies/use-cases-for-policies/classification-policy-use-case.md) to proactively classify existing and newly introduced assets. +* Using the filters enables narrowing down the asset class distribution within specific applications or code owners, as well as focusing on active repositories or a set of assets based on the asset tags. +{% endhint %} + +

Asset Class Breakdown

+ +### Top 10 technologies breakdown + +The top 10 technologies widget identifies the leading programming languages and frameworks used in repositories. Using the available filters enables you to determine the most commonly used technologies in active or business-critical repositories. Moreover, you can investigate specific applications or code owners. + +{% hint style="info" %} +**Tips** + +* The technology data is available in the [asset tags](../../manage-assets/assets-inventory-components.md#tags). +* Click a presented technology to open the inventory page in a new browser tab. This will allow you to review the related repositories in detail. +{% endhint %} + +### Top 10 package managers breakdown + +The top 10 package managers widget allows you to identify the leading package managers in your inventory. The quantities represent assets of package type. A [package asset](../../manage-assets/assets-inventory-layouts.md#packages) is defined as software or library that is managed by package management systems. + +### Repository freshness + +The repository freshness widget displays the distribution of repositories according to the last commit date: + +* **Active**: Had commits in the last 3 months. +* **Inactive**: The last commits were made in the last 3 - 6 months. +* **Dormant**: No commits in the last 6 months. +* **N/A**: Commits data is unavailable. + +You can use this widget to surface the quantity of repositories that are more or less maintained in various contexts, such as specific applications. + +{% hint style="info" %} +**Tips** + +You can use the asset class filter to identify business-critical assets that are not being maintained. Click a specific slice to open the inventory page in a new browser tab where you can browse and learn more about those assets. +{% endhint %} + +

Repository freshness

+ +### Application context availability + +The application context availability widget allows you to discover gaps in the context of assets. The available columns include: + +* **Application Context** - displays the analyzed context attribute. +* **Unique Values** - shows how many unique instances exist for an attribute. For example, you can check how many unique applications or code owners are available for any of the listed attributes. +* **Availability in Repos** - indicates the completeness of a certain attribute across the repositories. + +{% hint style="info" %} +**Tips** + +* Before reviewing this widget, ensure that the results are cleaned up by filtering out the "dummy" attribute values, such as "unknown", "-", and so on.\ + You can clean up the values by selecting only the relevant values. +* Filtering by asset class allows you to identify business-critical repositories without a known code owner or associated application. +* Filtering by the "active" value of the repository freshness filter allows you to discover context gaps in repositories that are actively being developed. +* Reviewing the unique values allows you to spot gaps in context. For example, you may realize that the number of unique code owners does not match the number of teams. +{% endhint %} + +

Application Context Availability

+ +### Asset source breakdown + +The asset source breakdown widget visualizes the quantities of detected assets from various sources. A source can be a platform where the asset is being managed directly (such as an SCM, container registry, and so on) or a platform that enriches the assets (such as security products and ASTs). + +{% hint style="info" %} +**Tips** + +* The widget displays the net quantities of detected assets for each source. If an asset is detected in more than one source, it will be counted once for each detected source. +* When asset inventory quantities seem incomplete or exceed expectations, this widget will help you discover which integrations should be examined and potentially configured differently. +{% endhint %} + +

Asset source breakdown
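Review bot: In the new-file headers for `docs/.gitbook/assets/image (579).png` and `docs/.gitbook/assets/image (580).png`, both blobs have the same index (`000000000000..4ec5decce4ea`), so one of these two images is a byte-for-byte duplicate of the other. Drop one of them and point the corresponding figure at the remaining file, otherwise the asset folder carries a redundant screenshot that will drift the next time it is updated.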
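Review bot: The `@@ -24,35 +24,9 @@` hunk in `docs/getting-started/snyk-web-ui.md` removes the widget customization guidance (rename, show/hide legend, full-screen, CSV/XLS export, PNG/PDF download) and the sentence "For details on archived or deleted repositories and the information presented in the dashboard widgets, see [Repositories assets](...)", but neither has a counterpart in the new `## Asset Dashboard` section this PR adds to `available-snyk-reports.md`. If the widget menu still exists in the product, migrate those steps (and the archived/deleted repositories pointer) into the new section; if they were removed on purpose, say so in the PR description so the deletion is traceable. The replaced text also reads as marketing ("comprehensive overview", "extensive global filtering option"); the getting-started page only needs one sentence plus the link that follows it.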
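Review bot: In the `@@ -207,7 +181,7 @@` hunk, "The exception to the rule is the Asset Dashboard report, which is available only at the Group level." is wordier than it needs to be and, together with the surrounding context line "Reporting is available only with Enterprise plans", omits the second restriction stated earlier in the same file (Asset Dashboard is available only for Snyk AppRisk Essentials users). Suggested wording: "All report types are available at both the Group and Organization levels, except the Asset Dashboard, which is available only at the Group level and only to Snyk AppRisk Essentials users."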
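Review bot: In the `@@ -27,9 +28,7 @@` hunk the trailing punctuation moved inside the bold span ("**Severity**, **Product Name**, and **Issue Type.**"), whereas the removed line had it outside ("**Issue Type**:"). Keep the period outside the emphasis markers so the rendered bold does not include the punctuation, consistent with the other bold terms on the page.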
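Review bot: The `@@ -203,3 +162,131 @@` hunk that adds `## Asset Dashboard` never states where the report is available, even though the other file in this PR restricts it to the Group level and to Snyk AppRisk Essentials users; add a hint block at the top of the section mirroring that restriction so the report page is self-contained. Within the same hunk: the `Repository Freshness` table row ends at "The last commit date in the repository:" with a trailing colon and no values, while the categories (Active, Inactive, Dormant, N/A) are defined further down under `### Repository freshness`; either list them in the cell or link to that subsection. Minor style points: "**Asset Class**, **Asset type,** **Add filter**" puts a comma inside the bold and mixes "Asset Class"/"Asset type" capitalization; the stray `\` hard line breaks after "building blocks of your inventory." leave an empty escaped line; and "is defined as software or library that is managed by package management systems" should read "is defined as a software component or library that is managed by a package management system".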