Skip to main content

Overview

All paid workspaces receive a weekly vulnerability report by email. Krait runs a workspace-wide scan every week and delivers a digest of newly observed open findings directly to workspace members. The report covers the last 7 days, groups findings by severity and category, and highlights the assets with the highest concentration of new risk.

What the Report Contains

Summary

The summary section shows how many new open vulnerabilities were found during the reporting period, broken down by severity. Each severity row includes:
  • Total new findings at that severity level
  • Autofixable count - how many of those findings can be fixed automatically with an Autofix PR
  • Categories - which scanner types (Dependencies, SAST, etc.) contributed findings at that severity

Affected Assets

The affected assets section lists the repositories with the highest concentration of newly observed findings during the reporting window. Each asset entry shows:
  • The repository name with a link to open it in Krait
  • A severity breakdown (critical, high, mid, low) for that repository
  • The top critical findings detected, with a short description of each vulnerability
  • A link to view full asset details in the Krait dashboard

How to Enable or Disable

Weekly reports are enabled by default for all paid workspaces. To manage email notification preferences, navigate to Workspace Settings, then Notifications, and toggle weekly scan reporting on or off.
Only workspace members with notifications enabled will receive the weekly report email. If you are not receiving reports, check your notification settings in Workspace Settings.