
Product
Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain
Socket Firewall is a free tool that blocks malicious packages at install time, giving developers proactive protection against rising supply chain attacks.
Phil Gates-Idem
April 24, 2025
We’re excited to announce a powerful new capability in Socket: historical data and enhanced analytics. Until now, Socket has focused on surfacing real-time supply chain risks in your code. But understanding how those risks evolve over time is just as important (especially for teams managing complex, fast-moving codebases).
Socket now retains daily scan data for default branches, allowing customers to unlock 30 days of historical insights (with extended retention available). This data powers new trend reports, dependency insights, and export capabilities—all accessible via the Socket Dashboard and new API endpoints.
With these new tools, you can:
We’re excited to gather feedback and iterate during a beta period. This shift in how we store and analyze data will help us unlock many new features in the coming months!
The newly redesigned Analytics page on the dashboard is an excellent starting point for reviewing metrics on both the latest and historical alerts. End-users can click on any data point to drill down into the actual alerts.
The Historical Data API endpoints allow customers to fetch, analyze, and manage historical data. Customers on the Enterprise plan can access up to 30 days of historical data, while other customers can only access historical data for the latest scans.
We're excited to share this API with our customers so they can access this data to power their own custom dashboards or integrations.
The new Historical Data API offers the following endpoints:
Historical Analytics is now in public beta and available to all customers on the Enterprise plan. And we're just getting started.
We’re actively expanding the feature set, starting with historical analytics for all pull requests scanned via the API or GitHub App. This will give you full visibility into when dependencies and alerts are introduced, removed, or blocked—directly in the context of each pull request.
We’re also working on new charts and visualizations to help teams better understand security risks and changes over time. These upgrades will make it easier to track trends, detect regressions, and communicate impact across your organization.
Whether you’re building internal dashboards, improving compliance workflows, or simply making sense of alert volume across your repositories, this new foundation opens the door to a whole new level of insight. We can’t wait to see what you do with it—and your feedback will help shape everything that comes next.