Creating a consolidated view of scans allows you to combine scan results from different projects. This action allows you to obtain a unified view of vulnerabilities and licensing issues, helping you to identify security risks and compliance issues in your software.
Additionally, within this view, you can select a listed vulnerability or licensing issue to view detailed remediation information.
Review the following statements:
You can only create one consolidated view per release.
Only scans added using the Fossa CLI tool (for Static Composition Analysis (SCA)) or the upload SBOM feature in DigiCert ONE can be added to a consolidated view.
To learn more, see Assign a threat detection scan to a release.
Once you create a consolidated view, any SCA or SBOM-related scan added to a release will be automatically included in the consolidated view.
To remove a scan from a consolidated view, you must remove the scan from the release.
To learn more, see Remove a scan from a consolidated view.
Sign in to DigiCert ONE.
Navigate to the Manager menu (top right) > Software Trust.
In Software Trust, go to Releases.
Locate and select the desired release.
Under Threat detection scans, review the listed scans.
Only Static Composition Analysis (SCA) and SBOM-related scans will display in the consolidated view.
As an optional step, to add a scan to the consolidated view, select Assign an existing threat detection scan, and then follow the on-screen steps.
As an optional step, to remove a scan from the consolidated view, see Remove a scan from a consolidated view.
Select Create consolidated view.
In the window that appears, enter a descriptive name for the consolidated view, and then select Create consolidated view.
You will be redirected to the Consolidated view tab.
In the Consolidated view tab, review the listed vulnerabilities and licensing issues.
To view detailed information, including remediation information, select the desired security issue, and then review the right window that appears.
To remove a scan from a consolidated view, you must remove the scan from the release.
Sign in to DigiCert ONE.
Navigate to the Manager menu (top right) > Software Trust.
In Software Trust, go to Releases.
Locate and select the desired release.
Under Threat detection scans, hover over the desired scan, and then select the trash icon to remove the scan from the release.
This scan will be automatically removed from the consolidated view.