Skip to main content
The Root dashboard gives Security Leadership and AppSec teams a continuous view of supply chain security posture across all adopted images and packages.

Dashboard Overview

The Root dashboard is the first thing you see after logging in. It provides an at-a-glance summary of your organization’s security posture with four key panels:
  1. Days without an SLA breach - how many consecutive days your team has operated without a missed SLA deadline
  2. Root assets in use - total count of images and libraries your organization subscribes to
  3. CVEs shifted out by Root - cumulative count of vulnerabilities Root has eliminated from your environment
  4. CVEs meeting their SLA within the next 7 days - active CVEs with deadlines approaching, so you can monitor Root’s remediation progress
A Vulnerabilities Feed panel at the bottom shows a live stream of the most recently patched CVEs, including which package version delivered the fix.

CVE Backlog Metrics

The Vulnerabilities section breaks down your full CVE inventory by status:
StatusMeaning
FixedRoot has applied a patch - the CVE is no longer present
Under SLARoot is actively working on a patch within the committed deadline
No Fix AvailableNo upstream fix exists; Root is monitoring for one
Metrics are shown with severity breakdown (Critical, High, Medium, Low) and filtered by ecosystem (containers, Python, JavaScript, Java). The Reports page includes a Vulnerability Reduction Graph - a before/after visualization showing how many CVEs Root has eliminated across your subscribed artifacts over time.

Patch Coverage

The Root assets in use panel shows:
  • Total subscribed images (from cr.root.io)
  • Total subscribed libraries (from pkg.root.io)
The Subscriptions table (under each catalog) shows per-image and per-package patch coverage:
ColumnDescription
Fixed CVEsCount of patched vulnerabilities, with before/after severity breakdown
Last UpdateWhen Root last applied a patch to this artifact
Last ScanWhen this artifact was last scanned for new CVEs

Mean Time to Remediation (MTTR)

Root tracks SLA performance per CVE:
SLA StatusMeaning
metPatch was delivered before the SLA deadline
activePatch is in progress; deadline has not yet passed
breachedPatch was not delivered within the SLA
not_applicableNo fix candidate exists; SLA clock does not apply
The Days without an SLA breach counter on the dashboard reflects your organization’s streak of unbroken SLA compliance. Root’s committed SLA targets:
SeveritySLA
Critical7 days
High14 days
Medium60 days

Custom Views and Filters

In the Vulnerabilities page, filter the CVE table by:
  • Package name or CVE ID (search)
  • Ecosystem: PyPI, APK, APT, npm, Maven
  • Severity: Critical, High, Medium, Low, Unknown
  • Status tab: Fixed / Under SLA / No Fix Available
Filters can be combined. For example: High-severity PyPI packages currently under SLA. In the Subscriptions table, filter by image name, OS, or last update date to focus on specific parts of your fleet.

Exporting Metrics

CSV export: From the Vulnerabilities page, use the export button to download the current filtered view as a CSV. The export includes CVE ID, severity, CVSS score, package, ecosystem, OS, SLA status, and fix date. API access: All dashboard data is available via the Root API for integration with BI tools, dashboards, and SIEM: 
# Get all fixed CVEs for your organization
curl -H "Authorization: Bearer $ROOT_TOKEN" \
  "https://api.root.io/v1/patches?ticket_statuses=done&order=updated_at:desc"

# Get CVEs currently under SLA
curl -H "Authorization: Bearer $ROOT_TOKEN" \
  "https://api.root.io/v1/patches?ticket_statuses=open,in_progress"

# Get subscribed images with patch metadata
curl -H "Authorization: Bearer $ROOT_TOKEN" \
  "https://api.root.io/v1/subscriptions/"
Webhook notifications: Root can push patch delivery events to a webhook endpoint, enabling real-time updates in Slack, PagerDuty, Jira, or your SIEM. Contact Root to configure webhook delivery.