Use the DevOps Inventory dashboard to view the scan results
from the Prisma Cloud IaC scan plugins or twistcli.
The DevOps Inventory dashboard (
provides a snapshot of the scan results across the different Prisma Cloud Plugins that you
are using to manage security misconfigurations natively in your
development environments before you deploy assets, infrastructure,
or code in production.
You can view scan results for the past seven days, by default,
— IDEs, SCMs, CI/CD pipelines—such
as Azure DevOps pipeline or IntelliJ IDE. The interactive dashboard
provides filters to change the scope of data displayed, so that
you can analyze information you want to view in greater detail.
At a glance the DevOps Inventory dashboard has four sections:
- Shows the overall summary of the
scans triggered by Prisma Cloud plugins, the API directly or twistcli.
The overall number is split by count to display the templates that
passed without any security violations and the templates that failed
the scan. For the failure case, you can view the count of the violations sorted
for low, medium, and high severity policies.
—Depicts the overall health of how your
processes are improving or worsening over time. The green, blue
and red trend lines are overlaid to visually display the pass and
failed templates scan results against the total number of templates
that have been scanned. The trends depict the overall security posture
of IaC scans and how they are performing over time so you can identify
sudden surges with failed policy checks or sustained improvements
with passing policy checks.
Scans By Classification
—Bar graph grouped by asset name
(default), asset type, or resource list that depicts the ratio of
passed to failed resources. This interactive graph allows you to
drill into the passed and failed resources for details on the corresponding
templates that passed or failed policy checks; you can click and
drag a section of the chart to zoom in further.
— The table enables you to group the results
by scan ID (default), asset name, asset type, or resource list and
then drill down to view granular information the filtered results,
and download it as a CSV file.
Each row displays the IaC scan
name with details on the tags, scan status, and the failure criteria.
The links is each column help you explore and gain the additional
context to fix the policy violations that were identified in the
scan. For example, you can view the errors reported for a specific
template type and resolve them early in the development lifecycle.