Universal Search¶
Universal search gives you instant access to everything in Mayo ASPM from a single input field. Whether you are looking for a specific CVE, a repository, a finding in a particular file, or a recent scan, you can find it in seconds without navigating through menus.
Opening search¶
There are two ways to open universal search:
Keyboard shortcut¶
| Platform | Shortcut |
|---|---|
| macOS | ++cmd+k++ |
| Windows / Linux | ++ctrl+k++ |
This opens the search overlay from anywhere in the application. Your hands never leave the keyboard.
Search bar¶
Click the search icon or the search bar in the top navigation. This opens the same search overlay.
Muscle memory
The Cmd+K / Ctrl+K shortcut is the fastest way to navigate Mayo ASPM. Once you build the habit, you will use it constantly — to jump to findings, switch between assets, and check scan status.
What you can search¶
Universal search indexes everything in your organization. Here is what you can find and how to search for it:
Findings¶
| Search by | Example query | What it matches |
|---|---|---|
| Title | SQL injection |
Findings with "SQL injection" in the title. |
| CVE ID | CVE-2024-1234 |
Findings linked to a specific CVE. |
| CWE ID | CWE-89 |
All findings categorized under a specific CWE. |
| File path | src/auth/login.py |
Findings in a specific file. |
| Rule ID | python.sqlalchemy.injection |
Findings from a specific scanner rule. |
| Severity | critical |
All critical-severity findings. |
Assets (repositories)¶
| Search by | Example query | What it matches |
|---|---|---|
| Repository name | backend-api |
Assets with "backend-api" in the name. |
| Full name | acme/frontend |
Assets matching the org/repo pattern. |
| Language | python |
Assets detected as containing Python code. |
Scans¶
| Search by | Example query | What it matches |
|---|---|---|
| Status | failed |
Scans with a failed status. |
| Scanner | semgrep |
Scans that used a specific scanner. |
| Scan name | nightly baseline |
Scans with a custom name matching the query. |
Projects¶
| Search by | Example query | What it matches |
|---|---|---|
| Project name | payments |
Projects with "payments" in the name. |
Policies¶
| Search by | Example query | What it matches |
|---|---|---|
| Policy name | auto-triage |
Policies with "auto-triage" in the name. |
| Policy kind | triage |
All triage policies. |
Search results¶
Results appear instantly as you type, grouped by category:
┌──────────────────────────────────────────────┐
│ Search: CWE-89 │
├──────────────────────────────────────────────┤
│ │
│ FINDINGS (12) │
│ ● SQL Injection in users.py HIGH │
│ ● SQL Injection in orders.py HIGH │
│ ● SQL Injection in search.py MEDIUM │
│ ... and 9 more │
│ │
│ ASSETS (0) │
│ No matching assets │
│ │
│ SCANS (3) │
│ ● Semgrep scan on backend-api Completed │
│ ● Semgrep scan on user-service Completed │
│ ● Bandit scan on backend-api Completed │
│ │
└──────────────────────────────────────────────┘
Result categories¶
Results are grouped under headers:
- Findings — vulnerability matches, shown with severity badge.
- Assets — repository matches, shown with language indicator.
- Scans — scan run matches, shown with status badge.
- Projects — project matches, shown with finding count.
- Policies — policy matches, shown with policy kind.
Each category shows up to 5 results initially. Click "Show all" to expand.
The magic side panel¶
The most powerful feature of universal search is the side panel. When you hover over or select a search result (using arrow keys), a preview panel slides in from the right showing detailed information without navigating away.
What the side panel shows¶
For findings:
| Section | Content |
|---|---|
| Header | Finding title, severity badge, status badge. |
| Location | File path and line number. |
| Code snippet | The vulnerable code with syntax highlighting. |
| Metadata | Scanner, rule, CWE/CVE, first seen date. |
| Actions | Quick-triage buttons (Confirm, Accept Risk, Resolve, False Positive). |
For assets:
| Section | Content |
|---|---|
| Header | Repository name, GitHub link indicator. |
| Stats | Open findings count by severity, last scan date. |
| Languages | Language breakdown bar. |
| Actions | Quick-scan button, navigate to asset. |
For scans:
| Section | Content |
|---|---|
| Header | Scanner name, status badge. |
| Stats | Finding counts (new, existing, fixed), duration. |
| Timeline | Start time, end time. |
Triage directly from search
You can change a finding's status directly from the side panel without ever opening the full finding detail page. This makes rapid triage incredibly fast — search for a CWE, arrow through results, and triage each one from the panel.
Navigation shortcuts¶
Universal search doubles as a navigation tool. Type any of these to jump directly:
| Query | Navigates to |
|---|---|
>dashboard |
The Dashboard page |
>assets |
The Assets page |
>findings |
The Findings page |
>scans |
The Scans page |
>projects |
The Projects page |
>policies |
The Policies page |
>settings |
The Settings page |
The > prefix tells search you want to navigate, not search for content.
Quick actions
Type >new scan to open the new-scan dialog directly. Type >new policy to jump to the policy editor. These shortcuts save clicks.
Keyboard navigation¶
Universal search is fully keyboard-navigable:
| Key | Action |
|---|---|
| ++cmd+k++ / ++ctrl+k++ | Open search |
| ++escape++ | Close search |
| ++arrow-up++ / ++arrow-down++ | Move between results |
| ++enter++ | Open the selected result's full page |
| ++tab++ | Move focus to the side panel actions |
| Type to refine | Results update instantly as you type |
Workflow: keyboard-only triage¶
- Press ++cmd+k++ to open search.
- Type
criticalto find all critical findings. - Press ++arrow-down++ to select the first result — the side panel opens.
- Review the code snippet in the panel.
- Press ++tab++ to reach the triage buttons. Press ++enter++ on the appropriate action.
- Press ++arrow-down++ to move to the next result.
- Repeat until all critical findings are triaged.
Search tips and best practices¶
Be specific when you can¶
Instead of searching for injection, search for CWE-89 or SQL injection in users.py. Specific queries return fewer, more relevant results.
Use search to audit¶
- "How many findings do we have for CWE-79?" — search for
CWE-79and check the findings count. - "Did the nightly scan succeed?" — search for
nightlyorfailedto check scan status. - "What findings are in the payments service?" — search for
paymentsand click the project result.
Combine with filters¶
Search gets you to the right area. Once you are on the Findings page (via a search result), use the full filter bar to refine further — by date range, status, scanner, etc.
Search scope
Universal search only shows data from your currently-selected organization. If you belong to multiple organizations, switch to the correct one before searching.
Performance¶
Universal search is designed for speed:
- Results appear within 100ms of typing, even for organizations with tens of thousands of findings.
- The search index is updated in real time — new findings from a just-completed scan are searchable immediately.
- There is no "search" button — results are live as you type.