Overview
The Security Center provides a focused view of security-related findings from your Genesis Scan. It separates real vulnerabilities from general risks and technical debt, giving you actionable security insights.
Navigate to Security Center from the sidebar.
Tabs
The Security Center has two tabs:
| Tab | What it shows |
|---|---|
| Vulnerabilities | OWASP-style security issues detected during the security audit layer |
| Risks | Technical debt, configuration concerns, and improvement suggestions from the risks analysis layer |
Vulnerabilities tab
This is the default view. It shows only genuine security findings — authentication flaws, injection risks, missing input validation, insecure configurations, and other OWASP-category issues.
The tab includes:
- Security Score — A grade (A through F) and a numeric score (0–100) based on the severity distribution of your vulnerabilities
- Severity breakdown — Visual bar showing the proportion of critical, high, medium, low, and info-level issues
- Issue Categories — Grouped by security domain (Authentication, Access Control, Injection, XSS, Cryptography, etc.)
- Most Affected Files — Files with the highest concentration of security issues, color-coded by severity
- Vulnerability list — Searchable, filterable list of all vulnerabilities with expandable details
Security score
The score is computed from the weighted severity distribution of your vulnerabilities:
| Grade | Score | Meaning |
|---|---|---|
| A | 90–100 | Excellent — few or no significant issues |
| B | 75–89 | Good — mostly low-severity issues |
| C | 60–74 | Fair — some medium-severity issues |
| D | 40–59 | Poor — significant issues present |
| F | 0–39 | Critical — urgent attention needed |
The score reflects severity, not count. A project with many low-severity issues can still score A, while a few critical issues will drop the score significantly.
Filtering vulnerabilities
Use the severity tabs to filter by level (Critical, High, Medium, Low, Info) and the search bar to find specific issues by title or content.
Risks tab
The Risks tab shows non-vulnerability items from the Genesis analysis — technical debt, TODOs, missing best practices, and configuration improvements. These are important to track but are not security vulnerabilities.
Each risk card shows:
- Title — Description of the risk
- Confidence — How confident the AI is in this finding
- Related files — Source files associated with the risk
- Details — Full explanation (click to expand)
Use the search bar to filter risks by keyword.
Dismissing resolved issues
Click Dismiss fixed (Vulnerabilities tab only) to automatically check recent git commits against your security issues. If the files associated with an issue were modified in recent commits, the issue is either archived (high-confidence fix) or flagged for review.
After dismissal, a banner shows the results:
- How many issues were dismissed
- How many were flagged for review
- How many commits and items were scanned
Prerequisites
The Security Center requires a completed Genesis Scan with the Security audit option enabled. Without a security scan, the page shows an empty state with a link to run one.
Next steps
- Genesis Scan — Run a security audit on your codebase
- Findings Explorer — Browse all Genesis findings across all analysis layers
- Operations — Monitor system health and review flagged items