
Reading Reports

CALMGuard's dashboard presents analysis results across multiple panels, each providing a different lens on your architecture's compliance posture.

Dashboard Overview

When analysis completes, the dashboard shows:

┌─────────────────┬──────────────────────────────┬──────────────────┐
│ Compliance      │ Architecture Graph           │ Agent Feed       │
│ Score Gauge     │                              │                  │
├─────────────────┤ Nodes with compliance colors │ Live streaming   │
│ Framework       │ connected by relationships   │ agent events     │
│ Breakdown       │                              │ and findings     │
├─────────────────┴──────────────────────────────┤                  │
│ Risk Heat Map   │ Control Matrix               │                  │
│                 │                              │                  │
├─────────────────┴──────────────────────────────┴──────────────────┤
│ Findings Table (sortable, filterable by severity/framework)       │
├───────────────────────────────────────────────────────────────────┤
│ Pipeline Preview (generated GitHub Actions + Security scanning)   │
└───────────────────────────────────────────────────────────────────┘

Compliance Score Gauge

The compliance score gauge displays your overall compliance score from 0 to 100.

Score Range   Status                Color
80-100        Compliant             Emerald (green)
50-79         Partially Compliant   Amber (yellow)
0-49          Non-Compliant         Red

The gauge animates as the Risk Scorer agent calculates the final score. Below the gauge, a framework breakdown shows per-framework scores:

  • SOX — Sarbanes-Oxley financial controls
  • PCI-DSS — Payment Card Industry Data Security Standard
  • NIST-CSF — NIST Cybersecurity Framework
  • FINOS-CCC — FINOS Common Cloud Controls

You can filter frameworks using the framework selector to focus on specific regulatory requirements.

Architecture Graph

The architecture graph visualizes your CALM document as an interactive node graph.

Node Colors

Each node is colored by its compliance risk level:

Border Color   Risk Level      Meaning
Emerald        Low             No significant compliance gaps
Amber          Medium          Some gaps, review recommended
Red            High/Critical   Immediate attention required

Node Types

Icons and shapes indicate the CALM node type:

  • Actor (person icon) — humans or external systems
  • Service (gear icon) — microservices and applications
  • Database (cylinder icon) — data stores
  • Network (network icon) — network infrastructure
  • WebClient (browser icon) — front-end clients

Trust Boundaries

deployed-in and composed-of relationships render as trust boundary boxes — dashed containers grouping related nodes. These represent logical or physical deployment boundaries (e.g., VPC, datacenter, cloud region).

Interaction

The graph is read-only (nodes are not draggable). The auto-layout algorithm (dagre) positions nodes for optimal readability. Hover over nodes to see tooltips with node details.
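The node-type and trust-boundary rendering described above is easier to reason about when you can see the same derivation in code. The following is an added example, not CALMGuard's own code: it parses a constructed CALM document (field names follow the FINOS CALM schema: "unique-id", "node-type", and "relationship-type" with "connects", "interacts", "deployed-in" and "composed-of"; the architecture itself, including the "system" container node, is made up), groups nodes by type, builds the trust-boundary containers the graph draws from deployed-in and composed-of relationships, and, going one step beyond the page, lists the connects edges that cross a deployment boundary, which is where a reviewer would first look for missing boundary controls. A relationship that references an unknown node id is reported as an error rather than drawn silently.

```python
"""Derive node types, trust boundaries and boundary crossings from a CALM document.

Added example (not CALMGuard code). SAMPLE_CALM is a constructed document whose
structure follows the FINOS CALM schema; the names in it are invented.
"""
import json
from typing import Dict, List, Set, Tuple

# Constructed sample CALM document (illustration only, not a real architecture).
SAMPLE_CALM = json.loads("""
{
  "nodes": [
    {"unique-id": "customer",        "node-type": "actor",     "name": "Customer"},
    {"unique-id": "web",             "node-type": "webclient", "name": "Web App"},
    {"unique-id": "payments-api",    "node-type": "service",   "name": "Payments API"},
    {"unique-id": "card-db",         "node-type": "database",  "name": "Cardholder DB"},
    {"unique-id": "prod-vpc",        "node-type": "network",   "name": "Production VPC"},
    {"unique-id": "payments-system", "node-type": "system",    "name": "Payments System"}
  ],
  "relationships": [
    {"unique-id": "customer-uses-web",
     "relationship-type": {"interacts": {"actor": "customer", "nodes": ["web"]}}},
    {"unique-id": "web-to-api",
     "relationship-type": {"connects": {"source": {"node": "web"},
                                        "destination": {"node": "payments-api"}}}},
    {"unique-id": "api-to-db",
     "relationship-type": {"connects": {"source": {"node": "payments-api"},
                                        "destination": {"node": "card-db"}}}},
    {"unique-id": "vpc-hosts",
     "relationship-type": {"deployed-in": {"container": "prod-vpc",
                                           "nodes": ["payments-api", "card-db"]}}},
    {"unique-id": "system-parts",
     "relationship-type": {"composed-of": {"container": "payments-system",
                                           "nodes": ["web", "payments-api", "card-db"]}}}
  ]
}
""")

# Only these relationship types become dashed container boxes on the graph;
# connects and interacts are drawn as edges.
BOUNDARY_TYPES = ("deployed-in", "composed-of")


def nodes_by_type(doc: dict) -> Dict[str, List[str]]:
    """Map node-type -> unique-ids, i.e. which icon each node gets."""
    out: Dict[str, List[str]] = {}
    for node in doc["nodes"]:
        out.setdefault(node["node-type"], []).append(node["unique-id"])
    return out


def trust_boundaries(doc: dict) -> Dict[str, Set[str]]:
    """Map container unique-id -> member node ids for every boundary box."""
    known = {n["unique-id"] for n in doc["nodes"]}
    boundaries: Dict[str, Set[str]] = {}
    for rel in doc["relationships"]:
        for kind in BOUNDARY_TYPES:
            spec = rel["relationship-type"].get(kind)
            if spec is None:
                continue
            members = set(spec["nodes"])
            # A dangling reference is a modelling error worth surfacing,
            # not something to draw as an empty or half-filled box.
            unknown = (members | {spec["container"]}) - known
            if unknown:
                raise ValueError(f"{rel['unique-id']}: unknown node ids {sorted(unknown)}")
            boundaries.setdefault(spec["container"], set()).update(members)
    return boundaries


def boundary_crossings(doc: dict) -> List[Tuple[str, str, str]]:
    """(relationship-id, source, destination) for each connects edge whose
    endpoints sit in different deployed-in containers (or one sits in none).
    composed-of is logical grouping, so it does not count as a crossing here."""
    deployed: Dict[str, Set[str]] = {}
    for rel in doc["relationships"]:
        spec = rel["relationship-type"].get("deployed-in")
        if spec:
            for node in spec["nodes"]:
                deployed.setdefault(node, set()).add(spec["container"])
    crossings = []
    for rel in doc["relationships"]:
        spec = rel["relationship-type"].get("connects")
        if not spec:
            continue
        src, dst = spec["source"]["node"], spec["destination"]["node"]
        if deployed.get(src, set()) != deployed.get(dst, set()):
            crossings.append((rel["unique-id"], src, dst))
    return crossings


if __name__ == "__main__":
    print("node types:", nodes_by_type(SAMPLE_CALM))
    for container, members in trust_boundaries(SAMPLE_CALM).items():
        print(f"boundary {container}: {sorted(members)}")
    for rel_id, src, dst in boundary_crossings(SAMPLE_CALM):
        print(f"crossing {rel_id}: {src} -> {dst}")
```

In the sample, the only crossing is the web client reaching the payments service inside the production VPC; the api-to-db edge stays inside one boundary and is not reported.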

Risk Heat Map

The risk heat map shows compliance risk across nodes and frameworks in a grid:

  • Rows: Architecture nodes
  • Columns: Compliance frameworks (SOX, PCI-DSS, NIST-CSF, FINOS-CCC)
  • Cell colors: Same emerald/amber/red scale as the graph

This matrix view makes it easy to spot which nodes have issues with which frameworks — for example, a database node may be high-risk for PCI-DSS but low-risk for NIST-CSF.

Control Matrix

Below the heat map, the control matrix shows individual control requirements:

Control ID   Description                      Framework   Status
pci-req-3    Protect stored cardholder data   PCI-DSS     Partial
sox-802      Financial record retention       SOX         Compliant

Filter by framework or compliance status using the dropdowns.

Findings Table

The findings table is the most actionable panel — it shows specific compliance gaps with recommendations.

Columns

Column           Description
Severity         Critical / High / Medium / Low / Info
Framework        Which compliance framework the finding applies to
Node             Which architecture node is affected
Finding          Description of the compliance gap
Recommendation   Suggested remediation step

Severity Levels

Level      Color    Action
Critical   Red      Immediate remediation required
High       Orange   Fix before next release
Medium     Amber    Address in current sprint
Low        Blue     Schedule for backlog
Info       Gray     Informational, no action required

Filtering

Use the severity dropdown to filter findings by priority. The table is sorted by severity (critical first) by default.
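The findings table and the risk heat map are two views of the same data: the table lists findings most severe first, and each heat-map cell takes its colour from the worst finding for that node and framework. The following added example (not CALMGuard code) shows both derivations over a constructed findings list. The roll-up from the five finding severities to the three-colour scale (Critical and High to red, Medium to amber, Low and Info to emerald) is this example's assumption; the page does not state how the product maps them. It reproduces the case mentioned under Risk Heat Map: a database node that is high-risk for PCI-DSS but low-risk for NIST-CSF.

```python
"""Findings-table ordering and node x framework heat-map roll-up.

Added example (not CALMGuard code). SAMPLE_FINDINGS is constructed data and the
severity-to-colour mapping is an assumption.
"""
from typing import Dict, Iterable, List, Optional

FRAMEWORKS = ["SOX", "PCI-DSS", "NIST-CSF", "FINOS-CCC"]
# Lower rank = more severe; this is the table's default order (critical first).
SEVERITY_RANK = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "Info": 4}
# Assumed roll-up from finding severity to the three-colour node/cell scale.
SEVERITY_TO_RISK = {"Critical": "red", "High": "red", "Medium": "amber",
                    "Low": "emerald", "Info": "emerald"}

# Constructed sample findings (not real CALMGuard output), deliberately unsorted.
SAMPLE_FINDINGS = [
    {"severity": "Medium", "framework": "SOX", "node": "payments-api",
     "finding": "No change-management control mapped to the service",
     "recommendation": "Link the service to the change-approval control"},
    {"severity": "Info", "framework": "NIST-CSF", "node": "card-db",
     "finding": "Data store is inventoried",
     "recommendation": "No action required"},
    {"severity": "High", "framework": "PCI-DSS", "node": "card-db",
     "finding": "Cardholder data store has no encryption-at-rest control",
     "recommendation": "Map storage encryption and key management to the database"},
    {"severity": "Critical", "framework": "PCI-DSS", "node": "web",
     "finding": "Internet-facing client reaches a cardholder-data service with no boundary control",
     "recommendation": "Add segmentation or a WAF between the web client and payments-api"},
    {"severity": "Low", "framework": "FINOS-CCC", "node": "payments-api",
     "finding": "Logging control present but retention period not specified",
     "recommendation": "State the retention period on the logging control"},
]


def sort_findings(findings: Iterable[dict],
                  severities: Optional[Iterable[str]] = None) -> List[dict]:
    """Table view: optional severity filter, then most severe first.
    sorted() is stable, so findings of equal severity keep their input order."""
    wanted = set(severities) if severities is not None else None
    rows = [f for f in findings if wanted is None or f["severity"] in wanted]
    for f in rows:
        if f["severity"] not in SEVERITY_RANK:
            raise ValueError(f"unknown severity {f['severity']!r} on node {f['node']}")
    return sorted(rows, key=lambda f: SEVERITY_RANK[f["severity"]])


def heat_map(findings: Iterable[dict], nodes: Iterable[str]) -> Dict[str, Dict[str, str]]:
    """node -> framework -> colour. The worst finding in a cell sets its colour;
    a cell with no findings is emerald."""
    grid = {n: {fw: "emerald" for fw in FRAMEWORKS} for n in nodes}
    seen = set()
    for f in sort_findings(findings):          # validated, most severe first
        if f["framework"] not in FRAMEWORKS:
            raise ValueError(f"unknown framework {f['framework']!r}")
        key = (f["node"], f["framework"])
        if f["node"] not in grid or key in seen:
            continue                           # node not in view, or cell already set
        seen.add(key)
        grid[f["node"]][f["framework"]] = SEVERITY_TO_RISK[f["severity"]]
    return grid


def render_heat_map(grid: Dict[str, Dict[str, str]]) -> str:
    """Plain-text grid: one row per node, one column per framework."""
    width = max(len(n) for n in grid) + 2
    lines = ["".ljust(width) + "".join(fw.ljust(11) for fw in FRAMEWORKS)]
    for node, cells in grid.items():
        lines.append(node.ljust(width) + "".join(cells[fw].ljust(11) for fw in FRAMEWORKS))
    return "\n".join(lines)


if __name__ == "__main__":
    for f in sort_findings(SAMPLE_FINDINGS):
        print(f"{f['severity']:<9} {f['framework']:<10} {f['node']:<13} {f['finding']}")
    print()
    print(render_heat_map(heat_map(SAMPLE_FINDINGS, ["web", "payments-api", "card-db"])))
```

Passing a severity set to sort_findings reproduces the severity dropdown; heat_map reuses the same validated, sorted list so that the first finding it sees for a cell is the worst one.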

Pipeline Preview

The pipeline preview shows auto-generated CI/CD configuration based on your architecture.

CALMGuard's Pipeline Generator agent produces:

  • GitHub Actions workflows — security scanning pipeline (.github/workflows/security.yml)
  • Trivy configuration — container and filesystem vulnerability scanning
  • OWASP ZAP — dynamic application security testing
  • Secrets scanning — detect credentials in source code

Toggle between configuration formats using the tab selector. The YAML syntax is highlighted for readability.

Using the Generated Pipeline

Copy the generated YAML into your repository's .github/workflows/ directory. The pipeline is tailored to your architecture: if it includes a database, the workflow includes SQL injection scanning; if it includes APIs, it includes API fuzzing. Review the generated workflow before committing it, as you would any CI configuration that pulls in third-party actions: check the permissions granted to the workflow token, pin the actions it uses to versions you have verified, and make sure dynamic scans (OWASP ZAP) are pointed at a staging environment you are allowed to test rather than at production.
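To make the "tailored to your architecture" idea concrete, here is an added example (not the Pipeline Generator agent's code) that picks scan jobs from the node types in a CALM document and renders them as a GitHub Actions workflow. Which node type switches on which scan, the action names, the version tags, and the STAGING_URL repository variable are all this example's assumptions; the page only says that a database adds SQL injection scanning and APIs add fuzzing. The example maps that to ZAP: a baseline (passive) scan when a web client is present, upgraded to a full active scan (whose rules include SQL injection) when a data store is also present, and an API scan when a service is present. Trivy and secrets scanning always run. The rendered workflow starts from a read-only token and grants only what the scanners need.

```python
"""Select scan jobs from CALM node types and render a GitHub Actions workflow.

Added example (not CALMGuard code). The node-type -> scan mapping, the action
tags and the STAGING_URL variable are assumptions; pin actions to commit SHAs
you have reviewed before using any of this.
"""
from typing import List

# Illustrative pins (assumption): replace with SHAs your organisation has reviewed.
ACTIONS = {
    "checkout": "actions/checkout@v4",
    "trivy": "aquasecurity/trivy-action@0.28.0",
    "gitleaks": "gitleaks/gitleaks-action@v2",
    "zap-baseline": "zaproxy/action-baseline@v0.14.0",
    "zap-full": "zaproxy/action-full-scan@v0.12.0",
    "zap-api": "zaproxy/action-api-scan@v0.9.0",
}

# Constructed sample architecture: web client, service and database.
SAMPLE_DOC = {
    "nodes": [
        {"unique-id": "web", "node-type": "webclient"},
        {"unique-id": "payments-api", "node-type": "service"},
        {"unique-id": "card-db", "node-type": "database"},
    ],
    "relationships": [],
}


def select_jobs(doc: dict) -> List[str]:
    """Decide which scan jobs the architecture warrants (assumed mapping)."""
    types = {n["node-type"] for n in doc["nodes"]}
    jobs = ["trivy", "secrets"]            # always: vulnerable packages and leaked credentials
    if "webclient" in types:
        # A data store behind the front end justifies an active scan, whose rule
        # set includes SQL injection; otherwise a passive baseline scan is enough.
        jobs.append("zap-full" if "database" in types else "zap-baseline")
    if "service" in types:
        jobs.append("zap-api")             # fuzz the API from its OpenAPI definition
    return jobs


def _job(name: str, steps: List[str]) -> List[str]:
    return [f"  {name}:", "    runs-on: ubuntu-latest", "    steps:"] + steps


def render_workflow(jobs: List[str]) -> str:
    """Render the selected jobs as workflow YAML (string assembly, no PyYAML needed)."""
    lines = [
        "name: security",
        "on: [push, pull_request]",
        "# Least privilege: read-only token; security-events: write is only for SARIF upload.",
        "permissions:",
        "  contents: read",
        "  security-events: write",
        "jobs:",
    ]
    if "trivy" in jobs:
        lines += _job("trivy", [
            f"      - uses: {ACTIONS['checkout']}",
            f"      - uses: {ACTIONS['trivy']}",
            "        with:",
            "          scan-type: fs",
            "          severity: CRITICAL,HIGH",
            "          exit-code: '1'",             # fail the job when findings exist
        ])
    if "secrets" in jobs:
        lines += _job("secrets", [
            f"      - uses: {ACTIONS['checkout']}",
            "        with:",
            "          fetch-depth: 0",             # full history: a secret removed later still leaked
            f"      - uses: {ACTIONS['gitleaks']}",
            "        env:",
            "          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}",
        ])
    for zap in ("zap-baseline", "zap-full", "zap-api"):
        if zap in jobs:
            steps = [
                f"      - uses: {ACTIONS[zap]}",
                "        with:",
                "          target: ${{ vars.STAGING_URL }}",   # assumption: staging, never production
            ]
            if zap == "zap-api":
                steps.append("          format: openapi")       # target is the OpenAPI definition
            lines += _job(zap, steps)
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(render_workflow(select_jobs(SAMPLE_DOC)))
```

Run it and diff the output against what the dashboard shows you; the points to compare are the permissions block, the pinned versions, and the scan target.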

Agent Feed

The Agent Feed (right sidebar) shows the live stream of agent events as analysis runs:

Event Type   Description
Started      Agent begins execution
Thinking     Agent processing — intermediate reasoning
Finding      A specific compliance finding discovered
Completed    Agent finished successfully
Error        Agent encountered an error

The feed persists after analysis completes so you can review what each agent found and in what order.