Security Center
The Security Center provides a comprehensive overview of your organization’s security posture.
Overview
Navigate to Dashboard → Security to access the Security Center.
Key Metrics
| Metric | Description |
|---|---|
| Overall Score | Compliance score from 0-100 based on all scan results |
| Open Vulnerabilities | Total count with Critical and High breakdowns |
| Secrets Detected | Number of exposed secrets found by Gitleaks |
Vulnerability Trend Chart
A historical line chart shows the number of issues found over time. Use it to track whether your security posture is improving or degrading.
Vulnerability Breakdown
Issues are categorized by type:
- Injection — SQL, XSS, command injection
- Authentication — Weak passwords, session issues
- Cryptography — Weak algorithms, missing encryption
- Configuration — Insecure defaults, debug mode
- Dependencies — Known CVEs in third-party packages
- Secrets — Exposed credentials
Compliance
CodeStax maps your scan findings to industry compliance frameworks:
SOC 2 Type II
| Control | What’s Checked |
|---|---|
| CC6.1 | Logical and physical access controls |
| CC6.6 | External threats and vulnerabilities |
| CC6.7 | Data transmission security |
| CC7.1 | Detection of changes and vulnerabilities |
ISO 27001
| Control | What’s Checked |
|---|---|
| A.12.6 | Technical vulnerability management |
| A.14.2 | Security in development processes |
| A.18.1 | Compliance with legal and contractual requirements |
PDF Compliance Reports
Generate downloadable PDF reports that include:
- Executive summary for management review
- Compliance matrix with pass/fail status per control
- Detailed findings with remediation guidance
- Severity color-coding for quick review
Available on Team and Enterprise plans.