# How Xygeni works The Xygeni platform is a cloud-based service, accessible via REST API, that keeps findings and metadata from different sources. The [**Xygeni Scanner**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview)**,** runs in your internal network and asses your infrastructure for different types of vulnerabilities (Visit [here ](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-scanners)for further info on available scanners). Once the scan is done, you decide either to upload the results to the Xygeni servers (to see the results into the SaaS [Xygeni Dashboard](https://docs.xygeni.io/introduction-to-xygeni/xygeni-web-ui-overview)) or keep the results locally for further processing. The **Xygeni platform** is represented by the chart below:
### Scanner Xygeni provides a command-line interface (CLI) for running the [**scanner**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview). The scanner can either run analysis commands separately, like detecting hardcoded secrets or misconfigurations, or run all the analyses at once. The [**scanner**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview) is java based and can be triggered directly from the [**command line**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-operation-modes), from any [**batch program**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-operation-modes) (Unix shell script, Windows batch, PowerShell script, etc.), from [**git hooks**](https://docs.xygeni.io/xygeni-administration/platform-administration/integrations/git-hooks-with-xygeni) (pre-commit, pre-receive) or embedded into [**CI/CD pipelines**](https://docs.xygeni.io/xygeni-administration/platform-administration/integrations/integrate-scanner-cli-into-ci-cd-systems). The scanner can be scan a [**file directory**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-operation-modes/single-scan), a [**container image**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-operation-modes/single-scan), a [**repository**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-operation-modes/single-scan) or group of repositories and even a whole [**SCM organization**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-operation-modes/organization-scan). {% hint style="info" %} The Xygeni Scanner can be automatically installed into you repositories or manually embedded into your pipelines. Please visit [Quick start with your code repository](https://docs.xygeni.io/getting-started/quick-start-with-your-code-repository) and [Quick start with Xygeni CLI](https://docs.xygeni.io/getting-started/quick-start-with-xygeni-cli) for further information. {% endhint %} Scanner findings can be inspected in the [***Dashboard***](https://docs.xygeni.io/introduction-to-xygeni/xygeni-web-ui-overview), downloaded via Xygeni [**REST-API**](https://docs.xygeni.io/xygeni-administration/rest-api), [**exported**](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-output-formats) in several formats (*csv, json*, etc...) and also create [***tickets***](https://docs.xygeni.io/xygeni-administration/platform-administration/integrations/ticketing-systems) (Jira, GitHub) or opening [***messages***](https://docs.xygeni.io/xygeni-administration/platform-administration/integrations/collaboration-and-communication-tools) (Slack) to notify your team about an issue. {% hint style="info" %} See [Xygeni Scanner](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview) for further detail {% endhint %} ### Dashboard The [Dashboard](https://docs.xygeni.io/introduction-to-xygeni/xygeni-web-ui-overview/dashboard) is the web user interface for showing the results of the scans. The dashboard provides a summary security posture and the breakdown of security issues at the global, group or project levels. Trends exploration, reporting, and platform administration, among other facilities are also displayed. {% hint style="info" %} See [Dashboard](https://docs.xygeni.io/introduction-to-xygeni/xygeni-web-ui-overview/dashboard) for further detail {% endhint %} ### Rest API The [REST API](https://docs.xygeni.io/xygeni-administration/rest-api) is the central element in the platform. All elements in the platform use the API as a backbone for reporting findings and receiving the processed information for integration into Xygeni tools, third-party plugins and integrations or any custom integration for organizations. {% hint style="info" %} See [REST API](https://docs.xygeni.io/xygeni-administration/rest-api) for further detail {% endhint %} ### Integrations Xygeni provides integrations for running scans or uploading security issues, performing administrative operations, or exporting findings to communication and reporting tools. {% hint style="info" %} See [Integrating Xygeni into your Workflow](https://docs.xygeni.io/introduction-to-xygeni/integrating-xygeni-into-your-workflow) and [Integrations ](https://docs.xygeni.io/xygeni-administration/platform-administration/integrations)for further detail {% endhint %} ### Sensor Activity on public repositories is monitored by Xygeni so potential attacks could be detected early. Publishing new packages in popular public repositories is an example of an activity that is monitored by Xygeni. In addition, security advisories are ingressed for modelling new threats and malicious activity on the wild. Xygeni customers may receive alerts when a security issue may affect them. {% hint style="info" %} See [Xygeni Sensors](https://docs.xygeni.io/xygeni-products/anomaly-detection/xygeni-sensors) and [Anomalus Activity](https://docs.xygeni.io/xygeni-products/anomaly-detection/anomaly-detection-user-interface-guide) for further details. {% endhint %}