Skip to main content

Overview

Krait maintains two separate history logs: one for scans and one for user actions. Together they give security teams, workspace admins, and engineering leads full visibility into what is happening across the workspace at all times.

Scan History

The Scan History page logs every scan that has been run across all connected assets. You can see what was scanned, what type of scan ran, how long it took, and whether it succeeded.

Filters

Use the filters at the top of the page to narrow down the list:
  • Scan Status - filter by Completed, Failed, or In Progress
  • Asset Type - filter by API or Repository
  • Start Date and End Date - view scans within a specific time window
Use Reset Filters to return to the full list, or Refresh to pull in the latest scan data.

What the Table Shows

Each row in the Scan History table represents a single scan job and includes:
  • Resource - the asset that was scanned, such as an API endpoint or a repository, along with whether it was user-initiated and the asset type
  • Category - the type of scan that ran. Possible categories include:
    • Dependency - scans for vulnerable packages in the supply chain
    • SAST - static analysis for code-level vulnerabilities
    • Secret - detection of exposed credentials and secrets
    • IaC - infrastructure-as-code misconfiguration checks
    • RBAC - role-based access control analysis
    • API Inventory - discovery and mapping of API routes
    • Deep Analyze - AI-powered deep scan of API endpoints
  • Status - Completed or Failed. A Failed status indicates one or more scan steps did not complete successfully
  • Started At - the timestamp when the scan began
  • Completed At - the timestamp when the scan finished
  • Duration - total time taken for the scan to complete
A note below the resource name indicates how many assets were scanned and whether all steps completed or if any were incomplete.
Scan History table

Activity History

The Activity History page logs every action taken by workspace members. This makes it possible to trace who did what and when, across every resource in the workspace.

Filters

  • Action Modules - filter by the type of feature that triggered the action (e.g. autofix, repository management)
  • Action Types - filter by the kind of action taken, such as create or delete
  • Action Taker - filter by a specific workspace member

What the Table Shows

Each row represents a single user action and includes:
  • Action Module - the feature or system where the action originated, such as autofix_pr or repository_deletion
  • Action Type - what was done, such as create or delete
  • Taken By - the workspace member who performed the action, shown with their avatar and email
  • Resource Type - the type of asset the action affected, such as api-inventory or repository
  • Time - the exact timestamp of the action
Activity History table

Live Scan Monitoring

While scans are running, you can track them in real time without navigating away from your current page. Hover over the bell icon in the top navigation to see a live list of all scans currently in progress, including the scan type and how long each one has been running. This lets you stay aware of ongoing scan activity at all times without needing to open the Scan History page.