Dashboard Overview
The Dashboard (also called the Overview page) is the first screen you see after logging in. It provides an at-a-glance summary of your organization's security posture across all monitored surfaces.
Key Metrics
The top row displays real-time KPI cards:
| Metric | Description |
|---|---|
| Risk Score | Weighted score from 0-100 based on open findings. Lower is better. |
| Total Findings | Count of all findings ever detected across every source. |
| Open Findings | Findings in New or Confirmed status that need attention. |
| Live Secrets | Credentials actively validated as still working. Requires immediate rotation. |
| Monitored Assets | Number of assets (domains, repos, packages) being scanned. |
| Active Incidents | Open incidents that group related findings together. |
| Cross-Source | Findings appearing across multiple sources (e.g., same secret in NPM and GitHub). |
- 0-39 (green) — Good security posture. Few or low-severity findings.
- 40-69 (yellow) — Moderate risk. Review high-severity findings.
- 70-100 (red) — Critical risk. Live secrets or many critical findings detected.
CISO KPI Dashboard
Below the KPI cards, the CISO KPI Dashboard provides executive-level metrics designed for security leadership. It tracks trends over time and highlights areas that need strategic attention.
Industry Benchmark
The Benchmark card compares your security posture against anonymized industry averages. This helps you understand where your organization stands relative to peers of similar size and sector.
Severity Breakdown
The donut chart shows the distribution of findings by severity level:
| Severity | Color | Typical Causes |
|---|---|---|
| Critical | Red | Live API keys, active tokens, database credentials |
| High | Orange | High-confidence secret exposure, public key material |
| Medium | Yellow | Moderate-confidence exposure, outdated credentials |
| Low | Blue | Informational, unlikely to be exploitable |
| Info | Gray | Metadata observations, no direct risk |
Findings Trend
The bar chart shows the distribution of your findings across severity levels. Use it to track whether your remediation efforts are reducing critical and high-severity findings over time.
Recent Findings
The bottom section lists the five most recently detected findings. Click any finding to expand it and see:
- Description — What was found and where
- Source reference — The exact package, image, or repository
- Secret type — The category of credential detected
- Validity status — Whether the secret has been validated as active
Click View full details to navigate to the finding's detail page.
Navigation
From the dashboard, use the left sidebar to navigate to other sections:
- Findings — Full list of all detected secrets and credentials
- CVEs — Software vulnerabilities affecting your dependencies
- Hosts — Discovered subdomains and infrastructure
- Shield — CI/CD security scanning for GitHub repositories
- Assets — Manage what BleedWatch monitors
Troubleshooting
Dashboard Shows No Data
If the dashboard appears empty after first login:
- Verify you have added at least one asset in Assets
- Wait for the first scan cycle to complete (usually within minutes)
- Check that your assets are set to Active monitoring
Risk Score Seems Too High
The risk score weights critical and high-severity findings heavily. To reduce it:
- Review and remediate Critical findings first
- Mark confirmed false positives as False Positive to exclude them
- Rotate any Live Secrets immediately