Home
User Guide
Information that helps you to make the most out of Seeker for securing your applications
Working with Projects
Seeker uses projects to organize information and workflows.

User Guide
Information that helps you to make the most out of Seeker for securing your applications
- Working with Vulnerabilities
  Seeker provides a rich set of tools to explore and handle security vulnerabilities detected in your applications.
- Working with Projects
  Seeker uses projects to organize information and workflows.
  - View Application Security for Regular Projects
    The Application Security dashboard provides an overview of the vulnerabilities detected in a regular project, the application's compliance with the security standards, and the results of third-party component analysis.
  - View Application Security for Composite Projects
    The Application Security dashboard provides an aggregated overview of the vulnerabilities detected in a composite project, which is convenient for assessing the security status of the whole application.
  - View Compliance Status
    In the Compliance dashboard, view the details of a project's compliance with the assigned policy and the major security standards: OWASP Top 10 2021, 2017, 2013; OWASP Top 10 API Security Risks 2023, 2019; PCI-DSS v3.2, CWE/SANS 2011, GDPR, CAPEC.
  - View Component Risk
    In the Component Risk dashboard, view the application risk reported by Software Composition Analysis (SCA), which scans for vulnerabilities the third-party and open-source components used in your application.
  - View and Explore Inbound Endpoint Risk
    In the Endpoint Risk dashboard, view and explore a distribution of application risk by inbound endpoints.
  - View and Explore Outbound Endpoint Risk
    In the Endpoint Risk dashboard, view and explore an application risk distribution by outbound endpoints.
  - View and Explore Application APIs
    Seeker enables you to view and explore your application's API reference that is auto-generated from the API endpoints collected by the Agent for active inspection, or from a manually uploaded API specification file.
  - View and Explore Code Risk
    In the Code Risk dashboard, view the application risk reported by rapid static scans of the source code.
  - View and Explore Data Flow Map
    In the Data Flow Map dashboard, explore your application's real-time interactions with other resources, such as databases and internal or external services.
- Working with Recommendations
  Seeker offers you various personalized recommendations to optimize your workflows and application testing by fine-tuning your system configuration.
- Configuring User Settings
  Personalize your experience with Seeker by configuring your user settings.

Working with Projects

Seeker uses projects to organize information and workflows.

About Seeker projects

A regular project is associated with a single web application or an application subcomponent such as a microservice.

A composite project is a collection of regular projects, each of which is associated with a certain application subcomponent, and thus represents a whole application. For a microservices-based application, you can define one composite project that includes regular projects for each of the microservices.

View the Projects page

In the main menu, click (Projects).

The page displays a list of projects available for the current user, filtered by the selections in the filter bar at the top. Each entry displays the summary and metrics of a project, and can be expanded for detailed information and tasks.

In this page, you can do the following:

Filter the project list by Projects, Versions, Code location, Score, Compliance status, Tags, Deployment, and Criticality.
Refresh the list by clicking Refresh.
Create a new project by clicking + Add project.
Customize the project list appearance by opening the Customize display dropdown list and choosing the following options:
- By default, regular projects within composite projects are not shown in the list. If you want to change this, toggle the Show/Don't show projects within composites option on.
- Choose a time period for which you want to view the data: Last 7/30/90/365 days.
- Choose how to sort the projects: by Activity, Vulnerable component count, Endpoint coverage, Name, Score, Vulnerability count, or Favorite. For each of these, you can choose the ascending or descending order.
Export the vulnerabilities of the selected projects in a PDF report by clicking Export.
Click the star icon next to a project name to add it to favorites for quick access.
Drill down to the details of any project by clicking its name or by choosing View from the (cog) menu.
View the compliance status details of any project by clicking the compliance indicator link.

Assess application security

Click a project in the list to open this project's page.

From the left-hand menu, open various dashboards to explore and assess the different aspects of your application's security.