In SonarCloud I can see see dependencies based on a project or on a portfolio.
Neither on organization nor enterprise level I found such an overview.
As security officer
I would also like to have a overview on all projects which are scanned for my organization
so that we know where we have to react on security incedents .
Recent use case would have been Supply Chain Compromise of axios npm Package | Huntress.
Noted.
The way we suggest doing this right now is by creating a portfolio that includes all projects.
Sure, the workaround was obvious. But you will have to update the portfolio each time if new projects are added to the organization.
You shouldn’t need to do this; if you have explicitly defined the portfolio as ‘all projects’, it will pick up new projects on both Cloud and Server.
Hi Bill
Is it possible to fetch the findings through API ?
As mentioned within 181814, I don’t arrive to fetch the results at portfolio level.
Kind Regards,
Thomas