Integrated Enterprise Reporting

Overview

The Integrated Enterprise Reporting (IER) dashboard provides one-stop access to your open-source component consumption patterns, including AI/ML components.

It summarizes how Lifecycle impacts the security profile of the development pipelines within your organization. Drawing on several data points from the Sonatype Community as a whole, it also provides a comparative analysis between your organization and the rest of the industry, in terms of:

  1. Vulnerabilities associated with your applications

  2. Remediation actions taken by your teams

  3. Tech stack diversity

As a step toward observability for AI/ML components, it provides actionable insights into consumption patterns by generating visualizations that show the exact number and category of the AI/ML components in use by your applications. These visualizations can be used to create governance policies for responsible adoption of AI, with a focus on privacy, security and data protection, thus minimizing the threats associated with the use of non-enterprise or free AI and ML platforms.

The End-of-Life (EOL) visualization shows all components that have crossed the declared EOL date, along with their containing applications, to give your development teams lead time for necessary upgrades or transitions. This is extremely effective in making informed decisions on the transition and minimizing last-minute development disruptions.

Note

We have implemented the dashboards using the Looker platform for versatility. The visualizations may continue to evolve in terms of functionality or scope, based on future improvements and user feedback.

Data Handling Processes

The Integrated Enterprise Reporting (IER) dashboards are designed to render rich data visualizations that allow users to interact and retrieve the most relevant information. These dashboards use Looker™ to offer enterprise-caliber self-service business intelligence via intuitive visual elements.

To address the concerns that could arise due to data sharing with a third-party tool (Looker™), we have implemented a 4-way protection methodology:

  1. Data Storage

    There is no data stored in Looker™. We use Looker's streaming capability to receive the query results from the Sonatype environment in a dedicated Looker instance.

  2. Data Anonymization

    The information for these visualizations and reports is restricted to an organization and comes from the anonymized telemetry gathered during application analysis performed via Sonatype Data Services.

  3. Data Authentication and Authorization

    To ensure that the data in these visualizations is accessible to authorized users only, the system programmatically creates obfuscated, unique one-way hash identifiers for the user and the organization's instance.

  4. Data Encryption

    We implement encryption for data in flight from the IQ Server environment to Looker™.

Advanced Reporting Insights

To provide deeper reporting clarity, additional data (application name) is made available for reporting, following all encryption and data handling standards.

Note

You can opt out of Advanced Reporting Insights.

To request an exclusion or opt-out, please contact Sonatype Support with a request to disable Advanced Reporting Insights.

Opting out of Advanced Reporting Insights could result in partially functioning reports and a degraded experience.

Accessing

To access the dashboard, click on Data Insights from the left navigation bar.

Prerequisites

  • Your browser has no restrictions on accessing “*.looker.com” URLs

  • For the Safari browser, “Prevent cross-site tracking” under Settings → Privacy is disabled.

Get to know your Data Insights Dashboard

Rolling Recap Dashboard

Rolling Recap shows graphical representations of the state of the Software Supply Chain for your organization. It unlocks trends and patterns by comparing your usage of Sonatype Lifecycle with the rest of the industry, over the last 365 days.

Learn more about Rolling Recap Dashboard.

ML/AI: Apps Using Machine Learning

Observe the consumption of open-source AI/ML components in your applications.

Learn more about ML/AI Apps: Using Machine Learning.

Component EOL: Retiring Old Code

See which components have the status of End of Life (EOL).

Learn more about Component EOL: Retiring Old Code.

Contact Us

As part of our initiatives to foster innovation, the Sonatype Research Team invites new conversations on these visualizations. This section contains email and links to suggest improvements or receive technical support.