Get a Demo
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Managing Projects and Applications: Filtering, Tagging, and Search Best Practices

Hopper’s Projects and Applications views help you organize and prioritize risk across your portfolio. Whether you are managing a monorepo, multiple services, or hundreds of repositories, these views make it easy to filter, tag, and search for the vulnerabilities that matter most.

This guide walks through how to use these views for efficient triage, ownership alignment, and remediation planning.

Projects vs. Applications

  • A Project is a logical grouping, often corresponding to a repository or monorepo folder.
  • An Application is an individual component or service scanned by Hopper within that project.

You can toggle between All and Archived views to include or exclude inactive assets.

Each project or application includes:

  • Name and repository path
  • Tags (custom and system-defined)
  • Last scan date
  • Language ecosystem
  • Total vulnerabilities by severity
  • Direct link to the repository in your Git provider

Click into any project or application to see the full inventory of vulnerabilities tied to it.

Filtering and Searching

You can filter Projects or Applications using the following fields:

  • Severity of vulnerabilities
  • Last scanned window: 1 day or less, 2–7 days ago, or more than 7 days ago
  • Integration (e.g. GitHub, GitLab)
  • Build System Type (e.g. Maven, Gradle, Poetry)
  • Crown Jewels tag
  • Custom tags you define (e.g. team:platform, env:prod)

Use the search bar to locate assets by name or keyword.

Tagging for Ownership and Context

Tags help you organize and route issues based on your org’s structure and risk model. Use tags to indicate:

  • Team or business unit (e.g. team:data, team:security)
  • Environment (prod, dev, legacy)
  • Business criticality (crown-jewel, internal-only)
  • Workflow stage (in-triage, under-review, waiting-on-fix)

You can apply or remove tags directly in the Projects or Applications view—individually or in bulk.

Exporting Views

Filtered project or application lists can be exported in CSV or JSON format. Exports reflect any filters or tag selections applied, making them useful for reporting, triage sessions, and audit documentation.

SCM Links

Each project or application includes a link back to its source in your Git provider. This allows developers and reviewers to:

  • Inspect the vulnerable code in context
  • Cross-reference with active development branches
  • Initiate remediation directly from Hopper