Navigation & Screens
Summary
Section titled “Summary”The RedCloud interface is a single application shell with a left sidebar (the main menu) and a top header (global controls). The sidebar groups every screen into collapsible sections; the header holds search, language, theme, operation mode, and the tenant switcher. This page is a map of the whole product — use it to find any screen and understand what it’s for.
The main menu, group by group
Section titled “The main menu, group by group”Overview
Section titled “Overview”| Screen | What it’s for |
|---|---|
| Security Hub | A landing hub of curated tiles that launches you into the other sections. |
| Dashboard | At-a-glance posture: KPI cards (identities scanned, Critical/High/Medium/Low counts, attack paths, max risk), a severity donut, risk charts, and an executive summary. |
Findings & Risk
Section titled “Findings & Risk”The day-to-day triage area.
| Screen | What it’s for |
|---|---|
| Issues | The canonical findings screen (Wiz-style). Filter by severity, search, accept risk, and manage exemptions. |
| Issues — New Layout | An alternative visual layout over the same finding data. |
| SLA Tracking | Finding SLA timers and breach status. |
| Vulnerabilities | A CVE / vulnerability-centric view. |
| CIS Benchmark | CIS GCP Foundation compliance scoring. |
| Risk Scoring | Prioritized risk scoring across findings. |
| Effective Access | Who can effectively reach what, after policy evaluation. |
| Security Checklist | A manual and automated security checklist. |
ASPM (Application Security Posture Management)
Section titled “ASPM (Application Security Posture Management)”A DefectDojo-style hierarchy for managing application-security work: Products, Engagements, Tests, Risk Acceptance Queue, Finding Rules, False Positive Library, Universal Import (ingest third-party scanner reports), Questionnaires, and Standards & Compliance, plus management surfaces such as Finding Groups, Custom Fields, Webhooks, Retention Policies, Report Builder, MTTR Dashboard, Calendar, Tags, and Bulk Operations.
Assets & Posture
Section titled “Assets & Posture”| Screen | What it’s for |
|---|---|
| Asset Inventory | CISO-level inventory across all scanned projects/accounts. |
| Cloud Architecture | A map of your cloud architecture. |
| IAM Permissions | IAM permission distribution and analytics. |
| Cloud Findings Hub | Unified GCP SCC + AWS Security Hub findings, with Excel/Word export. |
| Compliance | Compliance-framework dashboard. |
| Org Policies | Organization-policy posture, enforcement status, and drift. |
| Drift Detection | Configuration drift over time. |
| Data Security (DSPM) | Data security posture. |
FinOps
Section titled “FinOps”| Screen | What it’s for |
|---|---|
| FinOps Dashboard | Cloud cost/spend posture, connecting wasted spend to security hygiene. |
Attack Analysis
Section titled “Attack Analysis”How findings become attack stories. Key screens: Attack Paths, Attack Chains, Attack Graph (interactive force-directed graph), Kill Chain, Attack Timeline, Attack Feasibility, Exploit Validator, Top Paths, Attack Surface, Network Recon, Web Intelligence, Threat Detection, Threat Intel, MITRE ATT&CK (technique-coverage heatmap), Anomaly Detection, AI Insights, AI Query (ask questions in natural language), Architecture Review, and the Security Knowledge Base.
Security Testing
Section titled “Security Testing”Active and code-level testing. Includes Code Security, Code Flow Analysis, Dependency Analysis, SBOM Generator, License Scanner, AppSec Pipeline, IaC Scanner, Template Scanner, Secrets Scanner, Web Scanner (DAST), Web Fuzzer, WordPress Scanner, K8s Security, Container Security, VM / OS Scanner, Pen Testing, Web PT Hub, AI Pentest, Red Team Simulation, Attack Simulation, What-If Analysis, Blast Radius Search, LLM Security, and the Security Testing Hub (a central launcher for all of these).
Autopilot
Section titled “Autopilot”The autonomous and AI-driven operations area: Recon Pipeline, Autonomous Agent, Security Insights, Knowledge Base, Auto Code Fix, Pentest Report, Security Terminal, Rules of Engagement, Censys Intelligence, Visual Pipeline Editor, Tool Permission Matrix, Agent Configuration, Evolutionary Memory, and the Multi-Session Manager.
Reports
Section titled “Reports”| Screen | What it’s for |
|---|---|
| Report Manager | Build and export branded reports (see Reports). |
| Comparison Report | Compare two scans for trend analysis. |
| Remediation Roadmap | Prioritized, AI-assisted remediation plan. |
Operations
Section titled “Operations”| Screen | What it’s for |
|---|---|
| Cloud Resources | Browse scanned cloud resources. |
| Graph Analysis Hub | Centralized resource/attack/force-graph visualizations. |
| External Recon | Outside-in reconnaissance of your exposed surface. |
In-product System Book, Changelog, and a Capabilities view that lists what the platform can do.
The Administration panel
Section titled “The Administration panel”Opened from the Administration divider in the sidebar; items can be permission-gated.
| Group | Key screens |
|---|---|
| Platform Administration | Super Admin Dashboard |
| Operations | New Scan, Demo Scan, Scan History, Mutelist, Red Team, SLA Configuration |
| Monitoring & Logs | Live Logs (Scan Investigation Console), Application Logs, Audit Log, Hebrew Quality |
| Connections | Deployments (connect clouds), Customer Onboarding, Multi-Cloud Security, Connection, Architecture Diagram |
| User Management | Users, Roles & Permissions, Tenants, SSO Settings, IAP Provisioning, API Keys |
| System Settings | AI Configuration, Model Routing, Email, Storage, Custom Icons, Exemption Policies, License |
The New Scan screen is the main launcher — provider selection, connected-account quick-select, scope tabs (Project / Folder / Org / Custom), profile chips, option toggles (Mock, SARIF, Host Security, Web PT, Audit), and a pre-scan permission check. It is documented in detail in CSPM & Findings.
Cross-cutting controls (header)
Section titled “Cross-cutting controls (header)”| Control | What it does |
|---|---|
| Global search | Press Ctrl/Cmd + K to search pages and findings, with breadcrumb paths. |
| Operation mode | Switch between Security Assessment and Red Team (Red Team is locked behind a disclaimer). See Core Concepts. |
| Language | Toggle English / Hebrew; the whole UI re-flows for RTL. |
| Theme | Light, dark, or follow system. |
| Tenant switcher | Switch between the tenants you belong to; shows the plan badge and per-tenant branding. |
| Help button | Appears on every section header and opens context-sensitive, bilingual help. |
| AI assistant | A floating chat button for the tenant-scoped AI assistant. |
Notes & limitations
Section titled “Notes & limitations”- The exact set of visible screens depends on your role and permissions and your tenant’s license plan — some screens are hidden when a feature isn’t licensed or you lack the permission.
- Red Team and other offensive screens require accepting a disclaimer and operate only within an authorized scope.