Xygeni User Guides
  • Welcome to Xygeni
  • Getting Started
    • Create a Free Trial Account
    • Quick start with your code repository
    • Quick start with Xygeni CLI
    • Quick start with a preloaded project
    • Log in to Xygeni
    • Subscribe to Xygeni
  • Introduction to Xygeni
    • Key Concepts
      • Projects in Xygeni
      • Project Baseline
      • Detected Issues
      • Remediation Actions
      • Policies
      • Risk Level
      • SDLC Inventory
      • Standards Compliance
      • GuardRails
    • Xygeni Products
    • How Xygeni works
    • Xygeni Web UI Overview
      • Projects Screen
        • Risk Level
    • Integrating Xygeni into your Workflow
    • Prioritization Funnels
      • Custom Funnels
      • Prioritization Criteria (Stages)
        • Reachability
        • Exploitability
        • Fixable
    • Guardrails
    • Generate a SBOM
    • Reports
      • Trends
      • Scan History
    • Supported Integrations
    • Customizations
  • Xygeni Products
    • Application Security Posture Management (ASPM)
      • ASPM User Interface Guide
      • Projects
      • All Risks
        • Statistics
        • Issues Evolution
        • Issue Comparison Between Different Scans
      • Governance
      • Inventory
        • All Assets
        • Repositories
        • Components
        • CI/CD Assets
        • Delivery Assets
        • Systems & Tools
        • Collaborators
      • Health Check
      • Inventory Scanner
        • Inventory Scanner Configuration
        • Inventory Collaborators Scan
      • Importing reports from 3rd party tools
        • External Scanners Supported
          • Report upload for Kiuwan
            • ExportRule (.java)
    • Code Security (SAST)
      • Code Security (SAST) User Interface Guide
        • Risks (SAST)
        • Malicious Code
      • Malware Scanner
        • Malware Scanner Configuration
        • Malware Detectors
      • SAST Scanner
        • SAST Scanner Configuration
    • Open Source (SCA)
      • Open Source (SCA) User Interface Guide
      • Open Source Components
      • Supported Package Managers for dependency resolution
      • Risks (SCA)
      • OSS Prioritization Funnels
      • OSS Auto-Remediation
      • Malware Early Warning (MEW)
        • How Malware Early Warning works
        • Common types of Malware found in open source packages
      • Dependency Scanner
        • Dependency scanner configuration
        • Dependency Analyzers
      • Suspect Dependencies Scanner
        • Suspect Deps Scanner Configuration
        • Suspect Deps Detectors
    • CI/CD Security
      • CI/CD Security User Interface Guide
      • CI/CD Details
      • Build Attestations
      • CI/CD Scanner
        • CI/CD Misconfigurations Scanner Configuration
      • Compliance Scanner
        • Supported compliance standards
    • Secrets Security
      • Secrets User Interface Guide
      • Secrets Scanner
        • Secrets scanner configuration
      • Secret Leaks Handling
        • Secret Leaks Handling
        • How to Prevent Hard-Coded Secrets
        • Secret Leaks Handling CheatSheet
      • Secrets Auto-Remediation
    • IaC Security
      • IaC User Interface Guide
      • IaC Scanner
        • IaC Scanner Configuration
    • Malware
    • Build Security
      • Build Security Concepts
      • Build Attestations
      • Attestation format
      • How SALT works
      • Installing Salt CLI
      • Salt Command-Line Reference
      • SALT Architecture
      • SALT How To…​
    • Anomalous Activity Detection
      • Anomalous Activity Detection User Interface Guide
      • Xygeni Sensors
        • Xygeni Sensor for Azure
        • Xygeni Sensor for BitBucket
        • Xygeni Sensor for GitHub
          • GitHub Audit Log Processing
        • Xygeni Sensor for GitLab
        • Xygeni Sensor for Jenkins
        • Anomaly Detection's Detectors
      • Code Tampering Scanner
        • Code Tampering Scanner Configuration
    • Compliance & Malware Insights
      • SSCS Compliance
      • Malicious Packages DB
  • Scan Management
    • Manage Scans
      • Manage Scans FAQ
    • Scan History
  • Xygeni Scanner CLI
    • Xygeni Scanners
    • Xygeni CLI Overview
      • Xygeni CLI Prerequisites
      • Xygeni CLI Installation
      • Xygeni CLI Docker Image
      • Xygeni CLI Authentication
        • CLI Authentication with Xygeni
      • SCM, CI/ CD and Container Registry tokens
      • Xygeni CLI Operation Modes
        • Single scan
          • Scanning a docker image
        • Multi Scan
        • Organization scan
      • Xygeni CLI Configuration options
      • Xygeni CLI Output Formats
      • Exporting Xygeni results to 3rd party tools
      • Automatic Remediation
      • Generate SBOM with the Xygeni CLI
      • CLI utils
        • Credentials Encryption
        • Central Configuration
      • Xygeni Guardrails
        • CI/CD Audit Analysis
      • Xygeni CLI Error Codes
      • Xygeni Scanner Reference
  • Xygeni Administration
    • Platform Administration
      • Profile
      • Subscription
      • Users Management
      • Projects Management
      • Groups Management
      • Policies
      • Integrations
        • Xygeni Single Sign-On (SSO) Authentication
          • SSO - OKTA
          • SSO - Microsoft Entra ID
        • Integrate Scanner CLI into CI/CD Systems
          • Azure Pipelines Integration
          • BitBucket Integration
          • CircleCI Integration
          • GitHub Actions Integration
          • GitLab Runner Integration
          • Jenkins Integration
          • Travis CI Integration
        • Git Hooks with Xygeni
        • Collaboration & communication Tools
        • Ticketing Systems
        • Remediation systems
      • Notifications
    • Rest API
  • Support
  • Changelog
    • Version 5.11 - April 11, 2025
    • Version 5.9 – March 26, 2025
Powered by GitBook
On this page
  • Introduction
  • Choosing project or group in Dashboard
  • Projects Management
  • Project's Out-of-the-box Properties
  • Project's Custom Properties
Export as PDF
  1. Xygeni Administration
  2. Platform Administration

Projects Management

PreviousUsers ManagementNextGroups Management

Last updated 1 month ago

Introduction

A project is the target for the scans. It can be any unit of software that can be analyzed independently, with any granularity. It could correspond with an application, module, service, microservice, container image, library, component…​

A project typically is under version control, and it physically has a set of source files, often grouped as a repository in a Source Code Management (SCM) System.

So, in short, a project is the analysis unit in Xygeni, can match any software item that is analyzed independently (library, application etc.) and often is a repository under version control.

Projects have the following properties:

  • Business Value, one of CRITICAL, HIGH, MEDIUM, LOW or INFO.

  • Business Area, organization-specific.

  • Architecture, organization-specific.

  • Tags, arbitrary labels that could be added to a project for grouping and classification purposes.

Other common properties are Provider, which could be used to track your software suppliers' risk, and Product Unit, which help organizing scanned modules into aggregated software products.

You can also create your own Custom Properties. See for further details.

A could be assigned to a project. If no explicit policy is set for the project, the default policy will be used.

Choosing project or group in Dashboard

In the top bar of the Dashboard there is a project selector for choosing an individual project or a group of projects

The Projects Selector is a UI feature that allows to select a project subset among the available ones in the Xygeni organization. Almost every UI page’s data is related to the selected Project(s).

The subset of projects can vary from a unique project to All projects, passing for any defined subset.

Projects can be aggregated into groups defined dynamically via their properties. Projects can be tagged with labels that allow to group them in arbitrary collections.

Projects are scanned for analyzing Software Supply Chain Security issues; the scan findings are uploaded to the Xygeni service. The Dashboard shows such findings for an individual project or aggregated at any group.

There is a special group including the full software assets in the organization, the default All group.

Projects Management

Project Management page can be found at Settings >> Project Management

In order to browse through the existing projects, you can use the Filter fields.

Clicking on New Project button allows you to create a project. When creating a new project, you will see that some properties are General (i.e. out-of-the-box properties, those marked with a (*) are mandatory ) and others are Custom (i.e. defined by the Xygeni administrator).

Project's Out-of-the-box Properties

Xygeni comes with some out-of-the-box project properties (i.e. properties that are common for all the projects and part of the predefined Xygeni configuration). Out-of-the-box properties cannot be deleted (although you can freely assign values to them)

Together with these properties, you can define you own custom properties, as it's explained in next section.

Project's Custom Properties

Under the Custom Properties, you can click on the Add property link to define the new Custom Property.

Provide a name and the values for the custom property.

After saving, you will be able to see the new property added to the Custom Properties section.

Just select the appropriate value for the edited project and click on Update button to save changes.

The new custom property will appear in all your projects. Until you assign a specific value for a project, the value of the custom property for that project will be empty (no value)

To delete a custom property, just click on the trash button that appears to the right of the property.

See for further details

Clicking on icons will allow you to edit and delete the selected project.

A very important mandatory field is the (i.e. the custom configuration to be applied to the project).

To create a Custom Property, got to Project Management page and open any project (by clicking on icon) . A slide with the details of the project will open.

Once you have created a custom property, that property can be used as a filter in the Prioritization Funnels. Please see for further info.

Policy
Prioritization Funnels
Policy
Custom Properties
Projects Selector