Dashboard overview

The AISafe dashboard is your command center for security assessments, findings, reports, and integrations.

The left sidebar is your primary navigation. It contains these sections:

  • Assessments: all assessments in your organization, with status and finding counts.
  • Projects: continuous security entities (repositories or targets) you monitor on an ongoing basis.
  • Findings: your triage queue, aggregating vulnerabilities across all assessments.
  • Reports: downloadable PDF deliverables for completed assessments.
  • Integrations: connections to GitHub, GitLab, Slack, Linear, and Jira.
  • Settings: organization configuration, members, teams, API keys, webhooks, and billing.

Click any section to open its view. The top bar shows your current organization and lets you switch organizations if you belong to more than one.

Assessments view

The Assessments view lists all assessments in your organization. Each row shows the assessment name, type (code audit or pentest), status (draft, running, completed, failed), finding count, and creation date. Click any assessment to see its findings, evidence, reports, and settings. You can filter by status, type, or project, and search by assessment ID or name.

Status indicators tell you where an assessment is in its lifecycle:

  • Draft: the assessment is configured but not yet started. You can edit the source, target, or instructions.
  • Running: the AI agents are working. A progress bar and stage timeline appear in the assessment detail view.
  • Completed: the assessment finished and findings are ready for triage.
  • Failed: the assessment encountered an error. Open the assessment to see the error details and retry if needed.

Use the filter bar at the top of the list to narrow by status, type, or project. The search box accepts assessment IDs (for example, AIS-ACME-TLP), finding IDs (for example, AIS-ACME-TLP-001), and free-text name matches.

Findings view

The Findings view aggregates vulnerabilities across all assessments. Filter by severity, status (open, confirmed, fixed, false positive, accepted risk, duplicate), or assessment. This is your triage queue: confirm real issues, mark false positives, accept risks, and track remediation progress. Each finding links back to its parent assessment for full evidence context.

Severity filters let you focus on the most urgent issues. The severity levels are:

  • Critical: exploitable issues with high impact. Triage these first.
  • High: serious vulnerabilities that you should address at once.
  • Medium: real issues with moderate impact or limited exploitability.
  • Low: minor issues worth fixing but not urgent.
  • Info: observations and best-practice notes that are not vulnerabilities.

The triage workflow for each finding is:

  1. Review the evidence: file locations, taint flows, proof-of-concept payloads, and HTTP captures.
  2. Confirm the finding if it is a real vulnerability, or mark it as a false positive if it is not.
  3. Accept risk if you choose not to fix it now, or mark it as a duplicate if it overlaps with an existing finding.
  4. Track remediation: once a fix is deployed, mark the finding as fixed.

You can export confirmed findings to your issue tracker (Linear or Jira) from the findings list.

Projects

Projects represent continuous security entities: a repository or target that you want to monitor on an ongoing basis. A project can have scheduled scans, PR review, and monitoring enabled, so AISafe audits new code changes and catches regressions. Projects own a living knowledge base that accumulates context across scans, making each subsequent run faster and more accurate.

Integrations

The Integrations page is where you connect external services: GitHub and GitLab for source access and PR review, Slack for notifications, and Linear and Jira for issue export. Owners and admins manage organization-level integrations; all members can use personal integrations (e.g. your personal GitHub account) subject to org policy.

Reports

The Reports section lets you generate and download PDF deliverables for any completed assessment. Reports include an executive summary, finding details with evidence, and remediation recommendations. You can share them with stakeholders or include them in compliance packages.

Settings

Settings covers organization configuration (name, code, policies), member management, team management, API keys, webhooks, and billing/credits. You configure SLA policies for finding remediation windows here.