We're excited to announce a significant step forward in making Private StackShare the system of record for your engineering teams: you can now see the open security vulnerabilities in the packages and libraries being used across all your Git repos in one interface via the new Vulnerabilities Report!
Many companies that build software now have a multitude of security tools and services, constantly scanning their code, infrastructure, and end products to uncover vulnerabilities and security gaps. As we’ve worked closely with Private StackShare enterprise customers, we learned that while they have plenty of tooling, there’s a common gap: there isn’t one pane of glass where you can see all the security vulnerabilities that exist across all your codebases. If you want to understand how important it is to fix a specific CVE and which repos and applications it affects, you have to do a fair amount of manual work to figure that out via scripts and other custom solutions.
With Private StackShare, you get all that data pushed to you and available in an easy to read report.
Vulnerabilities Reports primarily surface data from the National Vulnerability Database (NVD), the authoritative source for security vulnerabilities maintained by the US NationaI Institute of Standards and Technology (NIST).
The first thing you’ll see when you land on the report is a high-level overview and list of all the open vulnerabilities, sorted by severity. Click on any of the vulnerabilities and you’ll see the details behind the vulnerability, the tech stacks (repos) it affects, applications (groups of repos) it affects, and what version you need to upgrade to to patch the vulnerability.
You’ll also get alerts anytime new CVEs are discovered in any of your tech stacks, via email (below) and soon Slack and MS Teams!
You can search across the report to find specific CVEs and whether they’re present in packages and libraries in your codebases:
You can also filter the report to show you specific stacks (repos), applications, teams, severity etc.
You’ll also see Security Vulnerabilities in the Tools Report and main Dashboard.
Sign up for Private StackShare today to give Vulnerability Reports a try!