Role of an Analyst

FlexNet Code Insight 2020 R2

The role of a project Analyst in FlexNet Code Insight is to transform the evidence uncovered by the Scan Server into an inventory item. Analysts create inventory items that associate files in your codebase to open-source and third-party projects, called components in Code Insight. For example, Analysts might evaluate files with a copyright of “Copyright (c) 2015 to 2020 Mark Smith” and a license match to the license used by the “zlib” component. The Analyst would then associate these files with an inventory item for the “zlib” open-source component and mark the files as reviewed to register progress.

The Analyst will evaluate all of the evidence within a codebase, create inventory items where appropriate, mark the analyzed files as reviewed, and finally publish them. The remaining sections in Auditing Scan Results in the Analysis Workbench (for Standard Scans) describe these tasks.

Once published, the inventory will be available for reporting and review by Legal, Security, and Development teams, as described in Reviewing Published Inventory for a Project. The ultimate goal of both the audit and the review/remediation processes is to produce a complete and accurate inventory of open-source and third-party code within your products—sometimes referred to as a Bill of Materials (BOM).

Refer to the FlexNet Code Insight User Roles and Permissions appendix for the project roles (in addition to the Analyst role) required to access the Analysis Workbench and to analyze and act on scan results.