> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cysmiq.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Assets

> The tracked entities Cysmiq organizes across your codebase.

## Overview

Assets are the objects Cysmiq tracks and reports on. Repositories are scanned directly. Organizations are synced from your VCS integrations, and manifests and packages are derived from repository scans.

Assets are populated automatically from VCS integrations and scans. You cannot add assets manually.

## Asset types

* **Organizations**: GitHub organizations or GitLab groups synced from your VCS
* **Repositories**: Code repositories within organizations
* **Manifests**: Dependency files within repositories (package.json, requirements.txt, go.mod, etc.)
* **Packages**: Dependencies declared in manifests
* **Package versions**: Specific versions of packages in use

## How assets relate

Assets follow how your code and dependencies are structured:

```
Organization
  └── Repository
        └── Manifest
              └── Package (with version)
```

Packages can appear in multiple manifests. Dependency findings include the related manifest and package in their details, while code findings point to the repository and file.

## Grouping assets

Repositories can be grouped into [Applications](/concepts/applications) for reporting and filtering across related codebases (for example, grouping frontend, backend, and mobile repositories into a single product).

## SBOMs

[Software Bills of Materials](/concepts/sboms) are generated from manifest data collected during scans.

## Related concepts

* [Applications](/concepts/applications): group repositories for unified reporting
* [Scans](/concepts/scans): how repositories are scanned

## Related asset views

* [Applications](/assets/applications): group repositories and review product-level posture
* [Organizations](/assets/organizations): review VCS organization structure and repository membership
* [Repositories](/assets/repositories): review scan status, refs, findings, and settings
* [Manifests](/assets/manifests): inspect dependency files and dependency trees
* [Packages](/assets/packages): review package usage, versions, licenses, and vulnerabilities
