Securing your code can be messy work. Security teams are working across multiple repositories that contain layers upon layers of dependencies, each with their own potential vulnerabilities and open source license obligations. It can be easy to get lost in the daily work of remediating issues across your repos, making it difficult to see the overall state of your software supply chain — and to understand the progress of your remediation efforts.
That’s why we created the issue overview dashboard: a single place to quickly see outstanding security, licensing, and quality issues across your entire environment, as well as issues you have already fixed or ignored. With issue overview, you now have a view of risk across your entire organization, and an easy way to demonstrate the impact of your remediation efforts.
Risk Monitoring at the Organizational Level
The issue overview dashboard provides an easy way to track and understand software supply chain risks across your entire organization, enabling:
- Instant Visibility: Gain immediate insight into security, licensing, and quality risks across your software supply chain. You can quickly see how many total issues you have, as well as how many of these are active versus remediated.
- Trend Analysis: Leverage customizable date ranges to observe how your risk profile is evolving over time. See how many issues are being remediated over time, as well as how many are being ignored.
- Risk Detailing: Understand the details of your risk profile across your organization. Issue overview includes granular breakdowns of vulnerability severity, license issue types, and quality issues — so you can quickly get a sense for which issues are most common across your software supply chain.
- Data Export: Easily export issue overview data to create your own visualizations or run your own custom analysis.
Filtered Views for Deeper Insights
Issue overview also includes filtered views, enabling you to see risk profiles and remediation trends at different levels of your organization and across projects.
You can filter by custom labels to get a view of the data as it pertains to specific project tags. For instance, you could filter to see only issues in production, or only critical issues. You can also filter by team, enabling visibility into the health and status of each individual team’s projects.
Show Your Work
The issue overview dashboard allows you to quickly see (and share) the number of issues your team has remediated over time. This can provide quick insight into the momentum and impact of your remediation efforts.
The dashboard also shows ignored issues, which are driven by policies and rules you have set up in FOSSA. These rules free your team from the redundant work of vetting and clearing the same issue across multiple projects or package versions, allowing them to focus on more important priorities. See our blog on reducing alert fatigue with auto-ignore rules to see how this works.
Getting Started with Issue Overview
Current FOSSA premium customers can find the issue overview dashboard by navigating to ‘Reports’ in the top navigation bar in the FOSSA UI.
If you aren’t yet a FOSSA customer and are interested in gaining visibility into risks and remediation across your software supply chain, getting started is straightforward. You can sign up for a FOSSA premium account (recommended for smaller organizations) for immediate access to this feature, or request a demo (recommended for larger organizations) to get an in-depth look at how FOSSA can help mitigate risks across your software supply chain.
The issue overview dashboard is another step in support of our mission to help companies embrace open source software and drive transparency across their software supply chains. It adds an additional layer of visibility and enables security teams to clearly demonstrate the impact of their remediation efforts.
