Skip to main content

Route Vulnerability Detection

At the top of the dashboard, Krait continuously monitors your connected repositories for the most critical API vulnerability classes. Each card represents a category and shows the current detection count across all routes and repos.
Route vulnerability detection cards
Monitored categories include:
  • Broken Access Control - unauthorized route access
  • SSRF - server-side request forgery
  • Cross-Site Scripting - DOM, reflected, and stored
  • Remote Code Execution - arbitrary command execution
  • SQL Injection - unsanitized query inputs
Cards with zero detections confirm that category is clean. Cards showing detections include a count, a trend indicator, and links to the affected routes and repositories.

Security Posture

The Security Posture widget on the right side of the dashboard gives you a live score from 0 to 100 representing the current health of your workspace.
Security posture score widget
The score is derived from Krait-prioritized findings using the following formula:
Score = 100 - (C×10 + H×7 + M×3 + L×1) ÷ (total×10) × 100
Where C, H, M, and L are the counts of Critical, High, Mid, and Low prioritized findings. A score of 100 means no prioritized risk. The lower the score, the more urgent attention is needed.

Krait Priority Focus

Below the posture score, Krait Priority Focus shows an AI-curated subset of your total findings. Rather than showing every finding, Krait selects the ones that represent genuine, exploitable risk and surfaces them here. This section shows:
  • How many findings need your attention out of the total workspace findings
  • The percentage of total findings that are prioritized
  • How many findings have been filtered out as lower priority
This separation ensures your team spends time on findings that actually matter and is not overwhelmed by noise.

Tasks

The Tasks section lists every security action item currently requiring attention across your workspace. All tasks appear in a single feed so teams can triage, scan, and act from one place.
Tasks action items
There are two types of tasks: Pending Approval AI-generated findings from the API Inventory that have not yet been confirmed as findings. These appear when Krait detects a potential vulnerability through deep analysis and requires a human to review before it enters your findings feed. Each item links directly to the relevant call graph for review. Autofix Available Findings across your repositories that Krait can fix automatically by creating a pull request. Each item shows the number of fixable dependency and API inventory vulnerabilities for that repository, and lets you initiate the fix directly from the dashboard.

Live Activity

The Live Activity feed shows a real-time log of events happening across your workspace. This includes:
  • Autofix PR Created - a fix pull request was opened for a repository or API inventory finding, showing the vulnerability name and the user who triggered it
  • Repository Deleted - a connected repository was removed
  • Autofix Connected - the GitHub or GitLab AutoFix app was installed
Live activity feed
Each entry shows the event type, source, a short description, the user responsible, and how long ago it occurred.

Severity Distribution

The Severity Distribution panel shows a breakdown of all findings across your workspace by severity level: Critical, High, Mid, and Low. Each level displays the count and its share of the total.
Severity distribution
This gives leadership and security leads an at-a-glance view of how much critical risk is present relative to the overall finding volume.

Top Vulnerable Packages

Krait identifies the five packages responsible for the highest number of findings across all connected repositories. Each entry shows the package name, pinned version, and total finding count. This helps teams quickly identify which dependencies are driving the most risk and prioritize upgrades accordingly.

Issue Trend

The Issue Trend chart tracks how findings have evolved over the selected time window. It shows counts for:
  • New - findings detected during the period
  • Pending - findings awaiting review or action
  • Resolved - findings that have been fixed or closed
  • Ignored - findings that have been dismissed
Issue trend chart
Each severity level is plotted as a separate line so you can see whether critical and high findings are trending up or down over time.

Threat Intel

The Threat Intel panel surfaces CVE and CWE intelligence relevant to your connected repositories, updated on a rolling 7-day window. Each entry shows:
  • Severity and CVSS score
  • CWE identifier
  • How many of your repositories are affected
  • Which specific repositories are impacted
Threat intel panel
This allows teams to respond to newly disclosed vulnerabilities before a full scan cycle completes.

Repository Risk Matrix

At the bottom of the dashboard, the Repository Risk Matrix gives you a side-by-side comparison of every connected repository ranked by vulnerability count.
Repository risk matrix
Each row shows:
  • Repository name
  • Finding counts by severity - Critical, High, Mid, and Low displayed as color-coded badges
  • Total findings
  • Last scan time
Repositories with critical findings appear prominently, making it easy to identify which codebases need the most immediate attention across your entire workspace.