Stealth
Getting Started

Explore the Stealth Web UI

In the Stealth Web UI, you can manage your Projects, view and address security vulnerabilities, monitor dependencies, and review the health of your code. You can also configure account settings, manage API and Auth tokens, authorize applications, set organizational preferences, and customize email notifications.

You can visualize information at the Group or Organization level by clicking the name of the Group or Organization. General information, like Reports, Issues, Dependencies, Members, Settings, Help, and Settings, is available for all level types.

Group level

The following Stealth functions are available with the Web UI, at Group level, with Stealth Essentials and Stealth AppRisk:

  • Organizations available for the selected Group
  • View the assets dashboard
  • View and manage your assets inventory
  • Manage and customize your policies
  • Manage integrations for asset discovery, asset coverage, and issues from third-party vendors

Organizations available for the selected Group

If you navigate to the Group level and select the Organizations page, you will see a list with all the Organizations that you have access to from that Group and the Organization role for each available Organization.

View the assets dashboard

The Stealth Essentials Asset Dashboard reporting page provides a comprehensive overview of the security controls associated with your application. It presents critical metrics and data regarding your assets, such as scan coverage and a detailed breakdown of your inventory categorized by asset class, source, and other relevant information. Furthermore, the dashboard includes an extensive global filtering option, enabling users to filter results based on specific applications and owners, using the context data related to the application.

View and manage your assets inventory

You can use the Inventory page to organize your repository assets, enabling you to visualize all repository assets from your SCM tools, track Stealth product control coverage, and prioritize coverage mitigation based on business impact.

Each line in the inventory represents either a repository asset or a scanned artifact from Stealth that is likely a repository but lacks some identifying information. Scanned artifacts are not supported through Policies.

Manage and customize your policies

Policies allow you to automate the process of adding business context and receiving notifications.

Manage integrations for asset discovery, asset coverage, and issues from third-party vendors

The Integrations page shows all active integrations, SCM or third-party, including any data automatically synced from your existing Stealth Organizations, and provides access to the Integration Hub. You can use the Integrations Hub button to add SCM integrations, connect a third-party integration, add App Context to an SCM integration, or use the Stealth Runtime Sensor.

You can find an overview of all your integrations on the Stealth Web UI Integrations page. You can enable or disable your integrations, edit them, or remove them from your configuration.

Enable or disable an integration

You can have an integration connected or paused. Click play or pause to enable or disable an integration.

Add a new profile for an integration

Each integration can be configured to run on more than one profile. This is helpful when retrieving data from multiple instances within the same source.

To add a new profile:

  1. Click the Settings icon from an already available integration profile.
  2. Click Add profile.
  3. Fill in the configuration fields and click Done.

Remove an integration

To remove an existing integration from your environment, select the integration and click Delete.

Organization level

The following Stealth functions are available with the Web UI, at Organization level:

  • Explore the Dashboard
  • Manage your Projects
  • View reports
  • View dependencies and licenses
  • Manage your integrations
  • View and prioritize issues
  • Manage Organization or Group members
  • Set Stealth Organization and Group settings
  • View helpful resources
  • Manage account preferences and settings

Explore the Dashboard

When you log in to an existing account and select an Organization, the Web UI opens the Dashboard for that Organization. You can see your top pending tasks and vulnerable Projects, and you can add new Projects.

Top pending tasks

The Pending tasks section shows the next chores to be handled for the Projects in a Stealth Organization.

View Projects

Use the links for Projects on the Dashboard to explore and manage the metadata, retest, and fix options for the Target files in your Projects. Each link opens a Project details page where you can view the Project Overview, or switch to the History and Settings tabs.

Fix vulnerabilities

Stealth tracks and flags Pull Requests (PRs) in the top-most vulnerable Projects, including:

  • PRs that can be raised to fix vulnerabilities in some of the most vulnerable Projects.
  • PRs that have already been raised by or through Stealth and are open and awaiting review.

For Projects with the Fix vulnerabilities link, use this link to view Project details with an option to open a fix PR.

Top vulnerable projects

Similarly, the top vulnerable projects section shows the Stealth Projects assessed as the most vulnerable, with similar functions available as the Pending tasks section.

Add Project

To add a Stealth Project, use the Add project link on the Dashboard. Select how to add the Project from the dropdown.

Manage your Projects

To open the Projects listing page, select the Projects link in the side menu. On this page, you can perform several actions:

  • Add a Project. Select how you want to add the Project from the Add projects dropdown.
  • Filter, group, and sort your Projects.
  • View tips and the latest import log for your Projects.
  • Select the link for each Project to view the Project details page with a summary and Issue information.
  • Use the plus icon and add a Target from a custom location when Projects are grouped by Target. This allows for grouping Projects in another Target in the list.
  • Use the settings icon on the ungrouped Projects listing or the Settings tab on the Project detail page to configure General and GitHub integration settings for notifications, Project testing, and pull request (PR) frequency. On the Settings tab, you can also look up the unique Project ID and deactivate or delete a Project.
  • View the Project history on the History tab.

Manage your Integrations

You can set up a range of integrations with Stealth from the Integrations page available on the Dashboard.

General settings available for all level types

The following Stealth functions are available with the Web UI, for all level types:

  • View reports
  • View and prioritize issues
  • View dependencies and licenses
  • Manage Organization or Group members
  • View and manage Stealth Organization or Group settings
  • View helpful resources
  • Manage account preferences and settings

View reports

You can view reports to gain visibility and insights into the state of all your Projects, vulnerabilities, and license issues. You will find detailed definitions for information on the reports in the tooltips in the Reporting user interface.

The Reports page has all report types available at both the Group and Organization levels. The exception to the rule is the Asset Dashboard report, which is available only at the Group level.

View and prioritize issues

The Issues page provides a centralized view of all the issues identified by Stealth with additional asset context. This helps you and your team to better triage and remediate issues in Stealth.

View dependencies and licenses

You can view dependencies and license information for all Projects in your Organization or Group, using the Dependencies option in your Organization or Group menu.

Manage Organization or Group members

Select Members from the dashboard's navigation to view and manage users, roles, and how users authenticate in your Stealth Organization or Group.

The Members page is available at both the Group and Organization levels.

View helpful resources

Select the Help in the navigation on the Dashboard and then select an option to view resources with information about Stealth.

Select the Help > Product updates menu option to visit our updates page.

Manage account preferences and settings

Select your name in the navigation on the Dashboard and then Account settings to open your account settings page, where you can view and configure your user account settings, including:

  • View and manage your API token or the Auth Token for free accounts
  • View the list of your Authorized Applications
  • Set your preferred Organization
  • Delete your account
  • Manage your Account Settings for email Notifications (link in the left navigation), including Issue email alerts, Weekly report emails, and Usage alerts, as well as email notifications when reports are available and preferences for sales and marketing communications
  • Get a referral link to Share with a Friend. The link is in the left navigation of your Account Settings.

Previous

Getting Started

Next

Stealth Release Process

On this page