Executive Security Dashboard
{{ scope_label | default('All Folders') }} — Security Posture Overview
Portfolio Summary
{% endif %} {# License Summary — 4 KPI cells via fs.kpi_cell. Inline conditional value-colors from pre-migration (lines 142-154) dropped per the migration trade-off (consistent with Phase 1b/1c precedent — fs.kpi_cell-macro contract preserved). #} {% if license_kpis and license_kpis.get('total', 0) > 0 %}License Summary
{% endif %} {# Policy Health (horizontal stacked bar). Nested ph_has_data gate preserved from pre-migration lines 160-162: outer truthy check on datasets AND inner sum-of-values check across both datasets. Skipping the nested check would render an empty chart shell when both datasets are present but all values are zero. #} {% if policy_health and policy_health.datasets | default([]) | length >= 2 %} {% set ph_has_data = (policy_health.datasets[0].data | default([]) | sum > 0) or (policy_health.datasets[1].data | default([]) | sum > 0) %} {% if ph_has_data %}Policy Health
Security and license policy violations and warnings across the portfolio.
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Findings by Folder
Distribution of security findings across folders by severity.
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Findings by Project
Distribution of security findings across projects by severity.
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Severity Trends ({% if severity_trends.get('start_date') and severity_trends.get('end_date') %}{{ severity_trends.start_date }} to {{ severity_trends.end_date }}{% else %}{{ severity_trends.get('month_count', 12) }} Months{% endif %})
{% if mode == "summary" %} Total findings per month: for each month, we pick each project's version in effect at month-end and sum their findingCount. {% else %} Critical and High severity findings over the report period. {% endif %}
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Highest-Risk Products
{% if mode == "summary" %} Projects bucketed by their highest-severity finding. {% else %} Projects bucketed by risk score (critical*10 + high*5 + medium*2 + low*0.5). {% endif %} {% if risk_donut and risk_donut.get('total_artifacts') %} {{ risk_donut.total_artifacts }} total projects.{% endif %}
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}| # | Product | Risk Score | KEV | Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|
| {{ loop.index }} | {{ p.project }} | {{ p.risk_score }} | {% if (p.kev|default(0)) > 0 %}{{ p.kev }}{% else %}0{% endif %} | {% if (p.critical|default(0)) > 0 %}{{ p.critical }}{% else %}0{% endif %} | {% if (p.high|default(0)) > 0 %}{{ p.high }}{% else %}0{% endif %} | {% if (p.medium|default(0)) > 0 %}{{ p.medium }}{% else %}0{% endif %} | {% if (p.low|default(0)) > 0 %}{{ p.low }}{% else %}0{% endif %} |
{% if mode == "summary" %}Findings by Triage Status{% else %}Open Issues by Severity{% endif %}
{% if mode == "summary" %} Distribution of findings by VEX triage status across the portfolio. {% else %} Distribution of unresolved findings by severity (excluding resolved/triaged). {% endif %}
{% if _oip_total > 0 %} {% if render_mode == 'fragment' and not fragment_scripts_enabled %}{% if mode == "summary" %}No findings to triage{% else %}No open issues{% endif %}
{% endif %}License Distribution
Software licenses by component count.
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}{% if mode == "summary" %}Findings by Triage Status{% else %}Open Issues by Severity{% endif %}
{% if mode == "summary" %} Distribution of findings by VEX triage status across the portfolio. {% else %} Distribution of unresolved findings by severity (excluding resolved/triaged). {% endif %}
{% if _oip_total > 0 %} {% if render_mode == 'fragment' and not fragment_scripts_enabled %}{% if mode == "summary" %}No findings to triage{% else %}No open issues{% endif %}
{% endif %}Exploit Intelligence
Findings with exploit indicators (KEV, known exploits, ransomware, etc.).
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Findings by Type
Finding counts categorized by type (CVEs, Crypto, Credentials, etc.).
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Findings by Type
Finding counts categorized by type (CVEs, Crypto, Credentials, etc.).
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Finding Age Distribution
{% if mode == "summary" %} Findings bucketed by the age of the version they live in. {% else %} Open findings bucketed by days since detection. {% endif %}
{% if render_mode == 'fragment' and not fragment_scripts_enabled %}Project Findings Summary
| Project | KEV | Critical | High | Medium | Low | Total |
|---|---|---|---|---|---|---|
| {{ row.project }} | {% if (row.kev|default(0)) > 0 %}{{ row.kev }}{% else %}0{% endif %} | {% if (row.critical|default(0)) > 0 %}{{ row.critical }}{% else %}0{% endif %} | {% if (row.high|default(0)) > 0 %}{{ row.high }}{% else %}0{% endif %} | {% if (row.medium|default(0)) > 0 %}{{ row.medium }}{% else %}0{% endif %} | {% if (row.low|default(0)) > 0 %}{{ row.low }}{% else %}0{% endif %} | {{ row.total | default(0) }} |