Skip to main content

Findings Dashboard

When a Glean AI security policy is violated, an issue is created and displayed on the Findings dashboard. This page provides a detailed list of every flagged or blocked incident, helping administrators triage and resolve potential threats to their AI agents.

To access the dashboard, in the Glean Admin Console, navigate to Glean Protect → AI security and click the Findings tab.

AI Security Findings dashboard showing grouped issues by conversation with columns for Issue, Source, Action, User, Status, Assigned to, and Detected

Issues List

The Findings dashboard displays all AI security violations as issues with the following information:

FieldDescription
IssueA descriptive title for the issue, typically showing the policy violation and affected agent
SourceWhere the violation was detected (e.g., User prompt, Retrieved content, Agent response)
ActionThe enforcement action taken: Flagged (logged for review) or Blocked (request stopped)
UserThe user who initiated the agent run
StatusThe current triage status: Open, In Progress, Rejected, or Allowed
Assigned toThe team member assigned to review this issue (shows "Unassigned" if no one is assigned)
DetectedWhen the violation was detected

Filtering and Searching

Use the filters to quickly find and prioritize the most critical violations:

  • Confidence: Filter by High, Medium, or Low confidence levels
  • Source: Filter by the source of the violation (User prompt, Retrieved content, Agent response)
  • Action: Filter by enforcement action (Flagged, Blocked)
  • Status: Filter by triage status (Open, In Progress, Rejected, or Allowed)
  • Agent: Filter by agent name or type
  • Policy: Filter by specific security policies
  • Detected: Filter by when the violation was detected

Grouping by Conversation

Issues are grouped by conversation ID by default, allowing you to see all violations within the same chat session together. For scheduled agents that don't have conversation IDs, issues are grouped by run ID instead.

Issue Details

Click on any issue to open the detail pane, which provides comprehensive context for triage:

AI Security issue details pane showing summary, status, confidence, assigned user, and snippet of the violation

The issue details pane includes the following information:

  • Surface: Where the issue occurred (e.g., Glean chat, specific agent)
  • User: The user who initiated the agent run
  • Policy violated: The name of the security policy that was triggered
  • Conversation ID and Run ID: Unique identifiers for tracking and investigation
  • View chat: Link to see the full conversation context
  • Source: Where the violation was detected (User prompt, Retrieved content, or Agent response)
  • Snippet: The actual content that triggered the policy violation
  • Status and Confidence: Current triage status and detection confidence level
  • Assigned to: The team member responsible for reviewing this issue

Triage Actions

Individual Actions

For each issue, you can:

  • Change Status: Update the issue status to In Progress (when actively investigating), Rejected (false positive), or Allowed (acknowledged true positive)
  • Assign: Assign the issue to a team member for investigation
  • Add Comments: Add notes and triage rationale to document your investigation
  • View Trace: Examine the full agent execution trace to understand the context
  • Copy IDs: Copy the Run ID or Session ID for further investigation

Bulk Operations

Select multiple issues using the checkboxes to perform bulk actions:

  • Bulk Status Update: Change the status of multiple issues at once
  • Bulk Assignment: Assign multiple issues to a team member
  • Bulk Resolution: Quickly resolve multiple similar false positives

Providing Feedback

When triaging issues, you can provide structured feedback that helps improve the AI security models over time:

  1. Mark as False Positive: When changing status to Rejected, you're indicating that this detection was incorrect. This feedback is used to reduce similar false positives in future model updates.

  2. Mark as True Positive: When changing status to Allowed, you're confirming the detection was correct. This helps calibrate the models.

  3. Add Context: Use comments to provide additional context about why an issue is a false positive or what made it noteworthy.

This feedback flows into Glean's AI Security model improvement pipeline and helps reduce noise over time.

© 2026, Glean Technologies, Inc.
Last updated on