Overview
The Repositories Catalog provides complete visibility into all code repositories detected across your organization — including GitLab, GitHub, Bitbucket, or any connected developer platform.AIM automatically aggregates repository data, identifies vulnerable or archived repos, and correlates each repo with associated assets, owners, and risk levels.
Repositories Catalog Overview
Key Metrics & Analytics
The top analytics panel gives teams an instant understanding of repository health and security posture.Metrics Displayed
- Total Repositories — Total number of repositories discovered across integrations.
- Vulnerable Repositories — Repos associated with security issues or detected weaknesses.
- Private Repositories — Internal or restricted-access repos (0 in screenshot).
- Public Repositories — Repos exposed publicly (0 in screenshot).
Activity Dashboard
Repository Activity Distribution
This helps identify stagnant codebases, abandoned services, or actively developed projects.
Archive Status
Repository Archive Classification
- Archived — No longer maintained
- Active — Still in use or being updated
Technology Distribution
Shows programming languages or tech stacks used across detected repositories.(Empty in screenshot → will populate when tech metadata is available.)
Search, Filters & Sorting
To support deep analysis, users can filter repositories by:| Filter | Description |
|---|---|
| Owners | Filter repos by assigned owners or contributors. |
| Risk | Sort or filter via automated repository risk scoring. |
| Exposure | Identify repos linked with exposed assets. |
| Adapters | Filter by the integration source (e.g., GitLab adapter). |
| hasVulns | Show only repos containing vulnerabilities. |
| Associations | Filter repositories connected to other AIM assets. |
Repository Table Details
Each repository entry includes:| Column | Description |
|---|---|
| Asset Value | Repository URL or identifier. |
| Source | Detection method (e.g., gitlab). |
| Vuln Count | Total vulnerabilities linked with the repo. |
| Auto Risk | Automated risk score. |
| Owner | Team or user responsible for maintaining the repository. |
| Language | Primary programming language (if detected). |
| Associations | Number of linked assets (apps, services, domains, etc.). |
| Pushed At | Last code push timestamp. |
| Created At | Repository creation timestamp. |
Full Repository View
Each repository page contains:Summary
- Repository link
- Ownership
- Risk score
- Activity timeline
- Exposure / associations
Vulnerability Insights
If repositories are linked with VM or SAST findings, they appear here:- Severity breakdown
- Discovery timeline
- State and remediation history
Metadata & Language Detection
Programming language, frameworks, and package insights (when available).Associations
Shows related applications, APIs, certificates, or IPs.How Repositories Are Discovered
AIM detects repositories using:- GitLab Adapter — Syncs repos, metadata, and activity logs.
- CI/CD Integrations — Detects repos referenced in pipelines.
- VM adapter — Maps vulnerabilities back to their source repos.
Example Use Cases
- Security Teams: Identify vulnerable or abandoned repos.
- Developers: Track ownership and risk of application code.
- Compliance Teams: Ensure all repositories meet governance requirements.
- Engineering Leaders: Monitor development activity trends.
Explore Live Demo
Explore AIM Live — No Signup Needed
Instantly explore how Snapsec AIM discovers, enriches, and tracks every asset in real time — all without creating an account.