AI Copilot
The AI Copilot lets you query your security data using natural language. Ask questions like "show me all critical findings from the last 7 days" or "which repositories have the most exposed secrets" and get instant visualizations — charts, tables, KPI cards — without writing queries or building dashboards manually.
How It Works
- Ask a question — Type a natural language prompt in the command bar
- AI generates a view — BleedWatch's AI analyzes your security data and produces the appropriate visualization
- Save and share — Pin useful views to your dashboard, or share them with teammates
The AI has access to your findings, assets, dependencies, vulnerabilities, incidents, and scan data. It respects tenant isolation — queries only return data from your organization.
Views
A "view" is a saved AI-generated visualization. Views can be:
| Type | Description |
|---|---|
| KPI Card | Single metric with trend indicator (e.g., "Critical findings: 12 ↑3") |
| Data Table | Filtered and sorted tabular data |
| Chart | Bar, line, pie, or area chart |
| Timeline | Chronological event visualization |
Managing Views
From the Copilot page:
- My Views — All views you've created, with pin/unpin and delete options
- Shared with Me — Views shared by teammates (read-only unless cloned)
- Templates — Pre-built view templates for common security questions
Click any view to open it full-screen. Click the pin icon to keep it at the top of your list.
Templates
BleedWatch includes pre-built templates for common security queries:
| Template | What It Shows |
|---|---|
| Risk Score Trend | 30-day risk score evolution |
| Critical Findings by Source | Distribution of critical findings across npm, Docker, GitHub, etc. |
| Top Vulnerable Dependencies | Packages with the most CVEs |
| Remediation Velocity | Average time to resolve findings by severity |
| Dark Web Exposure Summary | Credential leak counts by source and severity |
| Compliance Posture | Current compliance scores across all frameworks |
Click Use Template to create a personal copy that you can customize.
Prompt Examples
Here are effective prompts to get started:
Show me all critical findings created in the last 30 days
Which npm packages have the most CVEs?
Compare finding counts by severity for Q1 vs Q2
List all repositories with exposed AWS keys
What is my average time to remediate critical findings?
Show dark web credential leaks grouped by stealer family
The more specific your prompt, the better the result. Instead of "show me findings," try "show me critical and high findings from npm packages created after March 1st, grouped by type."
Admin Controls
Administrators can configure AI Copilot behavior from Settings → Copilot:
| Setting | Description |
|---|---|
| Insight Mode | Enable/disable the AI engine entirely |
| Admin Approval | Require admin sign-off before new views are created |
| Max Components | Maximum visualization components per view (1–50) |
| Daily Query Limit | Cap the number of AI queries per day (empty = unlimited) |
| Max Saved Views | Limit how many views can be saved (empty = unlimited) |
| Data Embargo | Delay (in hours) before the AI can access newly created data |
| Allowed Roles | Which roles can use Copilot (admin, client, viewer) |
| Blocked Datasources | Prevent the AI from querying specific data categories |
| Blocked Components | Prevent the AI from generating specific visualization types |
Audit Trail
Every AI query is logged in an append-only audit chain. Administrators can:
- View the full query history in Settings → Copilot → Audit Log
- Verify audit chain integrity with the built-in verification tool
- Export audit logs for compliance evidence
Data Privacy
- Copilot queries are processed by BleedWatch's AI infrastructure — your security data never leaves your tenant
- Queries and results are not used to train AI models
- All queries are logged in the audit trail for accountability
- The data embargo setting allows you to prevent the AI from accessing sensitive findings until they've been triaged
Troubleshooting
View Not Generating
If the AI returns an error:
- Check that Insight Mode is enabled in Settings → Copilot
- Verify you haven't exceeded your daily query limit
- Try rephrasing your prompt more specifically
- Ensure the data source you're querying isn't blocked by admin policy
Empty Results
The AI can only query data that exists. If a view shows no data, verify that the relevant findings or assets exist by checking the source pages directly (Findings, Dependencies, etc.).
Shared View Not Visible
Shared views require the recipient to have the same or higher role level as the sharer. Check role permissions in Settings → Copilot → Allowed Roles.