Introducing Dashboard Analytics

We're excited to announce that our dashboard now has a new Analytics feature in beta for all Socket users. This new, highly-requested feature provides valuable insights into security risks and trends, putting the most important security metrics at your fingertips.

It includes graphs for analytics at both the organization and repository levels, giving you better visibility into critical and high alerts. These trends can be tracked over time to give you a bird's-eye view of the effectiveness of your security efforts. The analytics data is ingested once a day.

Organization-level analytics#

To get an overview of the security risks at the organization level, the first section gathers 9 graphs.

The first two show the total number of critical and high alerts found in the main branches across the repositories that have been analyzed.

The next two visualize the total number of critical and high alerts that have been merged to the default branches on a given day. This means that alerts were detected in a branch that was then merged to the default branch without removing the malicious packages.

Then, the next four show the total number of alerts prevented from being merged to the default branches. This is the opposite of the graphs described above. Alerts were reported in a branch and then removed before being merged.

Finally, a bar graph shows the top 5 alert types across the organization.

At the organization level, the analytics data does not include every single repository, but instead only the repositories where the main branch has been updated since the release of this feature. If you want to gather analytics data for every single repository in your organization, update their main branches.

Filtering

To get a better idea of the evolution of the number of alerts over time, filters are available to display the data ingested in the last 7, 30 and 90 days.

Exporting

You can export your organization's analytics data as CSV or JSON using the export buttons at the top right corner of the section.

Repository-level analytics#

For a more granular view of these metrics, the repository-level section lets you filter your data by repository.

This section includes the same metrics, filtering and exporting functionalities as the organization section.

We hope these new insights will enable proactive decision-making and boost your confidence in software integrity. The ability to track trends, filter data over time, and export reports ensures that your security efforts are transparent, measurable, and easily integrated into your workflows.

If you’re not yet a Socket user and want to get these kinds of insights for your organization, install our free GitHub app and start tracking your repos today. The app installs in just 2 clicks and works seamlessly in the background to secure every GitHub PR from vulnerable and malicious dependencies.