Customize score settings at an organization level

To customize how both the overall application score and the library score are calculated at an organization level:

  1. Under organization settings, select Score settings.

  2. Under Overall score, choose how applications in this organization are scored:

    • Default scoring is the average of your application's library score and its custom code score.

    • Custom code-only scoring ignores library score when calculating the overall application score. If you select this option, you can click to select specific languages, or apply it to all languages.

  3. Under Library score, choose how libraries in this application are scored:

    • Default scoring uses an algorithm that includes vulnerabilities, as well as the age and versioning of a library.

    • Vulnerability-only scoring bases scoring solely on vulnerabilities present in the library.

  4. Select Save.


A RulesAdmin can configure policy settings in Policy Management so that any library in violation automatically receives a failing score (F). Once these settings are chosen, an alert message appears in Score settings. Clicking the policy link in the alert takes you to Library Policy, where administrators can view and revise these settings.