Introducing Reports: An Extensible Reporting Framework for Socket Data

Key Takeaways

• Socket has introduced a new Reports page in its dashboard, replacing the previous Analytics page.
• The framework includes five built-in charts covering Vulnerabilities, Dependencies, and Usage.
• Vulnerability reports align with standard security frameworks, including Top 25 CWEs and Top 10 OWASP categories.
• Dependency reports provide visibility into license distribution and overall package health scores.
• All charts can be exported as PNGs to facilitate sharing in reviews, presentations, and recurring workflows.

Affected Systems

• Socket Dashboard

Detection Availability

• YARA Rules: No
• Sigma Rules: No
• Snort/Suricata Rules: No
• KQL Queries: No
• Splunk SPL Queries: No
• EQL Queries: No
• Other Detection Logic: No

N/A

Detection Engineering Assessment

EDR Visibility: None — This is a product announcement for a reporting dashboard, not a threat intelligence report. Network Visibility: None — No network indicators or attacks are discussed in this product update. Detection Difficulty: N/A — Not applicable as this article does not detail any threat actor behaviors or malware.

Hunting Hypotheses

Hypothesis	Telemetry	ATT&CK Stage	FP Risk
N/A - This article is a product announcement and does not contain threat behaviors to hunt.	N/A	N/A	Low

False Positive Assessment

• Low

Recommendations

Immediate Mitigation

• N/A

Infrastructure Hardening

• N/A

User Protection

• N/A

Security Awareness

• Utilize the new Socket Reports dashboard to communicate vulnerability and dependency risks to stakeholders using standardized frameworks like OWASP and CWE.