Portfolio Security Reports in SQ Cloud Enterprise - Enterprise-Level Visibility for Security Teams

SonarQube Cloud Announcements
, , ,
1

Hello everyone,

We’re happy to announce the launch of Portfolio Security Reports in SonarQube Cloud Enterprise! Security and compliance teams can now get a clear, centralized view of security issues across multiple projects, finally eliminating the need for manual workarounds or navigating to each project’s report individually.

This new in-app feature gives security-focused teams the visibility and clarity they’ve been asking for, enabling internal audits, compliance efforts, and multi-project risk assessments.

Note: This feature provides portfolio level security reporting in the UI only. Downloadable/exportable reports will become available at the project level shortly after - stay tuned!

What’s included:

  • A comprehensive security snapshot: A detailed breakdown of Security Issues and Security Hotspots across all projects in your portfolio.
  • Risk clarity: Instantly see which portfolios (and their projects) are at highest risk, with severity levels, issue counts, and the ability to filter by standard.
  • Drill-down capabilities: Want to investigate further or extract project-level details? Click into specific issues to view the projects they belong to.

Where to find it:

Head to your Portfolios in SonarQube Cloud Enterprise and check out the new Security Report tab.

1292×970 91.2 KB

From there, filter by standard, explore by category, and dive into the details that matter most.

1298×888 48.9 KB

We’d love to hear how this new feature is improving your workflow. What other security insights or reporting options would help your team? Share your thoughts in the comments!

-Simone
Product Manager for Enterprise value and reporting

1 Like
2

Amazing feature and for sure a great move in the right direction to provide teams the insight and capability they need.

However, with security teams requiring reports to be downloaded and attached to various security documents and stored in separate retention software / locations, is there any future plan or what is the timeline on adding the ability to download the data from these reports in a pdf, csv, json, sbx, etc.?

3 Likes
3

Hi @asolomon-hrc, and welcome to the community!

Thanks for the kind words! We’re thrilled you think it’s a step in the right direction :tada:

Regarding your question, I absolutely hear you about the need for downloadable reports in formats like PDF, CSV, and JSON. We already plan to bring downloadable security reports on the project level in May/June - you can stay up to date with progress on this and subscribe to be notified via our Portal card: Portal: Project Security Report PDFs

We’re evaluating the need for this feature for Portfolios and gathering more insights to help us prioritize this versus some other features.

You can cast your vote for this via our Portal card: Portal: Portfolio Security Reports

We’re also always happy to chat to our users to understand the needs better. I’d be happy to have a chat with you about your needs and how it fits into your specific workflows: Calendar Booking Link
Or, feel free to share any other thoughts or feedback directly on this post.

Cheers,
Simone
Product Manager for Enterprise value and reporting

1 Like