
View your Violating Workflows and Findings

Overview

In the Mend Platform, Violating Workflows are the result of Workflows designed to enforce specific conditions during the development process. When a scan matches the conditions defined in a workflow whose Workflow Action is set to create a policy violation, a policy violation is created.

By analyzing the count and findings of these policy violations, you can better assess which issues require immediate attention, ensuring that critical vulnerabilities are addressed promptly and efficiently.

This article will guide you through where and how to view the violating workflows, helping you measure the impact of policy enforcement and optimize your required response actions.

Getting it done

Note: Before performing scans, create an Automation Workflow that defines the relevant conditions and has an action to create a policy violation.

View your Violating Workflows in the Mend Platform

You can search for the Applications/Projects containing scans that have met the conditions defined in the Automation Workflow.

  1. Navigate to the Applications/Projects general view in the Mend Platform.

  2. In the main table, the following columns are available:

    1. Violated Findings - The total number of findings matching the policy violation.

    2. Violation Workflows - The name(s) of the Automation Workflows that triggered the policy violation creation.

  3. Click the number of Violated Findings for an Application/Project to open the Violations table view, where you can review the list of Findings, Violations, Workflows, Engines, and the Origin.


Note: The Violations table view can be accessed directly from a specific Application or Project under the General section in the left-side navigation menu.


View your Violating Workflows in the Mend CLI

Once a Mend CLI scan has completed and an Automation Workflow has triggered a policy violation, you’ll see the violating workflows and findings as part of the Mend CLI console results.

If the Mend CLI scan scope falls under a workflow you created in the Mend Platform, the Mend CLI will print any policy violations found in the console results. The information is separated into two tables:

The Violating Findings Table

  • The table lists the top 50 violated findings created following the scan.

  • The table will include the following columns:

    • Finding - The vulnerability finding

    • Origin - The affected library

    • Violations - The number of violations created following the finding

    • Workflows - The names of the Automation Workflows which triggered the violation

The Violating Workflows Table


The table lists all the Automation Workflows that triggered policy violations.

| Field | Description |
| --- | --- |
| Workflow | The name of the workflow condition that violated the policy. |
| Conditions | The type of condition that was violated. The available values are listed in our Workflow configuration parameters documentation. |

Note: The tables will not appear if no violations occurred.
