| title | shortTitle | allowTitleToDifferFromFilename | intro | permissions | product | type | topics | versions | redirect_from | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Assessing the security risk of your code |
Assess security risk of code |
true |
You can use security overview to see which teams and repositories are affected by security alerts, and identify repositories for urgent remedial action. |
{% data reusables.permissions.security-overview %} |
{% data reusables.gated-features.security-overview-fpt-both %} |
how_to |
|
|
|
You can use the different views on your Security tab to explore the security risks in your code.
- Overview: use to explore trends in Detection, Remediation, and Prevention of security alerts.
- Risk: use to explore the current state of repositories, across all alert types.{% ifversion secret-risk-assessment %}
- Assessments: use to explore the current state of repositories, for secret leaks specifically{% endif %}
- Alerts views: use to explore {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, or {% data variables.product.prodname_secret_scanning %} alerts in greater detail.
These views provide you with the data and filters to:
- Assess the landscape of security risk of code stored in all your repositories.
- Identify the highest impact vulnerabilities to address.
- Monitor your progress in remediating potential vulnerabilities.{% ifversion secret-risk-assessment %}
- Understand how your organization is affected by secret leaks and exposures.{% endif %}{% ifversion security-overview-export-data %}
- Export your current selection of data for further analysis and reporting. {% endif %}
{% ifversion security-overview-dashboard %} For information about the Overview, see AUTOTITLE.{% endif %}
{% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.security-overview %} {% data reusables.security-overview.open-security-risk-view %} {% data reusables.code-scanning.using-security-overview-risk %}
{% data reusables.security-overview.unaffected-repositories %}
{% data reusables.organizations.security-overview-feature-specific-page %} {% ifversion security-overview-export-data %}
- Optionally, use the {% octicon "download" aria-hidden="true" %} Export CSV button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see AUTOTITLE. {% endif %}
{% data reusables.security-overview.alert-differences %}
You can view data for security alerts across organizations in an enterprise.
{% data reusables.security-overview.enterprise-filters-tip %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %} {% data reusables.code-scanning.click-code-security-enterprise %}
-
To display the "Security risk" view, in the sidebar, click {% octicon "shield" aria-hidden="true" %} Risk. {% data reusables.code-scanning.using-security-overview-risk %}
{% data reusables.security-overview.unaffected-repositories %} {% data reusables.organizations.security-overview-feature-specific-page %}{% ifversion security-overview-export-data %}
-
Optionally, use the {% octicon "download" aria-hidden="true" %} Export CSV button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see AUTOTITLE. {% endif %}
{% data reusables.security-overview.alert-differences %}
{% ifversion security-campaigns %}
When you have assessed your security risks, you are ready to create a security campaign to collaborate with developers to remediate alerts. For information about fixing security alerts at scale, see AUTOTITLE and AUTOTITLE. {% endif %}