
GA organization- and enterprise-level security overview dashboard and enablement trends (#51652)

Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
This commit is contained in:
Sophie
2024-08-01 15:10:27 +02:00
committed by GitHub
parent 657676ab30
commit aa834059d2
6 changed files with 27 additions and 61 deletions

View File

@@ -123,7 +123,7 @@ When you have enabled a feature, you should communicate with repository administ
You can use security overview to see which teams and repositories are affected by security alerts, with a breakdown of alerts by severity. For more information, see "[AUTOTITLE](/code-security/security-overview/assessing-code-security-risk)."
{% ifversion security-overview-dashboard %}
Security overview also has a dashboard (beta) where you can explore high-level trends and metrics to gain insight into your organization's security landscape. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-security-insights)."
Security overview also has a dashboard where you can explore high-level trends and metrics to gain insight into your organization's security landscape. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-security-insights)."
{% endif %}
You can use various tools to monitor the actions that your organization's members are taking in response to security alerts. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)".
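Review bot: the "(beta)" label is dropped unconditionally inside `{% ifversion security-overview-dashboard %}`, but later in this commit the beta note reusable is still included for `ghes < 3.14` (the `{% ifversion ghes < 3.14 %}{% data reusables.security-overview.beta-overview-dashboard %}{% endif %}` addition). If the dashboard remains beta on those GHES versions, consider gating the label the same way, e.g. `dashboard{% ifversion ghes < 3.14 %} (beta){% endif %}`, so the two pages do not contradict each other. Minor: the unchanged context line ends with `)".` while the rest of the paragraph uses `)."`.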

View File

@@ -60,7 +60,7 @@ There are also dedicated views for each type of security alert that you can use
## About security overview for organizations
The application security team at your company can use the different views for both broad and specific analyses of your organization's security status. {% ifversion security-overview-org-risk-coverage %} For example, {% ifversion security-overview-dashboard %}the team can use the "Overview" dashboard view (beta) to track your organization's security landscape and progression{% else %}the team can use the "Coverage" view to monitor the adoption of features across your organization or by a specific team as you roll out {% data variables.product.prodname_GH_advanced_security %}, or use the "Risk" view to identify repositories with more than five open {% data variables.secret-scanning.alerts %}{% endif %}. {% else %}For example, they can use the overview page to monitor adoption of features by your organization or by a specific team as you roll out {% data variables.product.prodname_GH_advanced_security %} to your enterprise, or to review all alerts of a specific type and severity level across all repositories in your organization.{% endif %} {% ifversion code-security-multi-repo-enablement %}{% ifversion security-configurations-beta-and-pre-beta %}You can also use security overview to find a set of repositories and enable or disable security features for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."{% endif %}{% endif %}
The application security team at your company can use the different views for both broad and specific analyses of your organization's security status. {% ifversion security-overview-org-risk-coverage %} For example, {% ifversion security-overview-dashboard %}the team can use the "Overview" dashboard view to track your organization's security landscape and progression{% else %}the team can use the "Coverage" view to monitor the adoption of features across your organization or by a specific team as you roll out {% data variables.product.prodname_GH_advanced_security %}, or use the "Risk" view to identify repositories with more than five open {% data variables.secret-scanning.alerts %}{% endif %}. {% else %}For example, they can use the overview page to monitor adoption of features by your organization or by a specific team as you roll out {% data variables.product.prodname_GH_advanced_security %} to your enterprise, or to review all alerts of a specific type and severity level across all repositories in your organization.{% endif %} {% ifversion code-security-multi-repo-enablement %}{% ifversion security-configurations-beta-and-pre-beta %}You can also use security overview to find a set of repositories and enable or disable security features for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."{% endif %}{% endif %}
You can find security overview on the **Security** tab for any organization that's owned by an enterprise. Each view shows a summary of the data that you have access to. As you add filters, all data and metrics across the view change to reflect the repositories or alerts that you've selected. For information about permissions, see "[Permission to view data in security overview](#permission-to-view-data-in-security-overview)."
@@ -133,7 +133,7 @@ If you are an organization or team member, you can view security overview for th
{% ifversion security-overview-dashboard %}
{% rowheaders %}
| Organization or team member with | Overview dashboard (beta) view | Risk and alerts views | Coverage view |
| Organization or team member with | Overview dashboard view | Risk and alerts views | Coverage view |
|--------------------|-------------|---------------------|---------|
| `admin` access for one or more repositories | View data for those repositories | View data for those repositories | View data for those repositories{% ifversion security-configurations-beta-and-pre-beta %}, and enable and disable security features{% endif %} |
| `write` access for one or more repositories | View {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_dependabot %} data for those repositories | View {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_dependabot %} data for those repositories | No access |

View File

@@ -24,11 +24,7 @@ You can use security overview to see which repositories and teams have already e
![Screenshot of the header section of the "Security coverage" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "enabled" and "not enabled" links, "Teams" selector, and search field.](/assets/images/help/security-overview/security-coverage-view-summary.png)
{% note %}
**Note:** "Pull request alerts" are reported as enabled only when {% data variables.product.prodname_code_scanning %} has analyzed at least one pull request since alerts were enabled for the repository.
{% endnote %}
>[!NOTE] "Pull request alerts" are reported as enabled only when {% data variables.product.prodname_code_scanning %} has analyzed at least one pull request since alerts were enabled for the repository.
{% ifversion security-overview-export-data %}
You can download a CSV file of the data displayed on the "Security coverage" page. This data file can be used for efforts like security research and in-depth data analysis, and can integrate easily with external datasets. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-the-risk-and-coverage-pages)."
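Review bot: the new alert is written `>[!NOTE]` with no space after `>`, while the same commit writes `> [!NOTE]` elsewhere; pick one form for the whole change. Also, the alert keeps its text on the marker line, whereas the `>[!NOTE]` already in the insights file sits on its own line; confirm which layout the docs linter expects so the converted notes render consistently.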
@@ -36,7 +32,7 @@ You can download a CSV file of the data displayed on the "Security coverage" pag
{% ifversion security-overview-tool-adoption %}
You can use the "Enablement trends" (beta) view to see enablement status and enablement status trends over time for {% data variables.product.prodname_dependabot %}, {% data variables.product.prodname_code_scanning %}, or {% data variables.product.prodname_secret_scanning %} for repositories in an organization{% ifversion security-overview-enterprise-enablement-report %}, or across organizations in an enterprise{% endif %}. For each of these features, you can view a graph visualizing the percentage of repositories that have the feature enabled, as well as a detailed table with enablement percentages for different points in time. For more information, see "[Viewing enablement trends for an organization (beta)](#viewing-enablement-trends-for-an-organization-beta){% ifversion security-overview-enterprise-enablement-report %}" and "[Viewing enablement trends for an enterprise (beta)](#viewing-enablement-trends-for-an-enterprise-beta){% endif %}."
You can use the "Enablement trends" view to see enablement status and enablement status trends over time for {% data variables.product.prodname_dependabot %}, {% data variables.product.prodname_code_scanning %}, or {% data variables.product.prodname_secret_scanning %} for repositories in an organization{% ifversion security-overview-enterprise-enablement-report %}, or across organizations in an enterprise{% endif %}. For each of these features, you can view a graph visualizing the percentage of repositories that have the feature enabled, as well as a detailed table with enablement percentages for different points in time. For more information, see "[Viewing enablement trends for an organization](#viewing-enablement-trends-for-an-organization){% ifversion security-overview-enterprise-enablement-report %}" and "[Viewing enablement trends for an enterprise](#viewing-enablement-trends-for-an-enterprise){% endif %}."
{% endif %}
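Review bot: the in-page anchors change from `#viewing-enablement-trends-for-an-organization-beta` and `#viewing-enablement-trends-for-an-enterprise-beta` to the forms without `-beta`, matching the heading renames further down. Worth a repository-wide search for the old `-beta` anchors, since any link from another article to them would silently break without a redirect.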
@@ -88,13 +84,13 @@ In the enterprise-level view, you can view data about the enablement of features
{% ifversion security-overview-tool-adoption %}
## Viewing enablement trends for an organization (beta)
## Viewing enablement trends for an organization
{% note %}
{% ifversion ghes < 3.15 %}
**Note:** The "Enablement trends" view is currently in beta and is subject to change.
> [!NOTE] The "Enablement trends" view is currently in beta and is subject to change.
{% endnote %}
{% endif %}
You can view data to assess the enablement status and enablement status trends of code security features for an organization.
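Review bot: the heading loses "(beta)" for every version, but the note directly below still states the view "is currently in beta" for `ghes < 3.15`. That leaves GHES 3.14 readers with a non-beta heading and a beta warning on the same page; either keep the qualifier in the heading under the same `ifversion`, or drop the note if the view is GA there. Separately, this hunk gates on `ghes < 3.15` while the dashboard reusable is gated on `ghes < 3.14`; if the two thresholds are intentional, a short comment in the source would save the next editor the same question.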
@@ -104,29 +100,25 @@ You can view data to assess the enablement status and enablement status trends o
1. Click on one of the tabs for "{% data variables.product.prodname_dependabot %}", "{% data variables.product.prodname_code_scanning_caps %}", or "{% data variables.product.prodname_secret_scanning_caps %}" to view enablement trends and the percentage of repositories in your organization with that feature enabled. This data is displayed as a graph and a detailed table.
1. Optionally, use the options at the top of the "Enablement trends" view page to filter the group of repositories you want to see enablement trends for.
* Use the date picker to set the time range that you want to view enablement trends for.
* Click in the search box to add further filters on the enablement trends displayed. The filters you can apply are the same as those for the "Overview" dashboard (beta) view. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
* Click in the search box to add further filters on the enablement trends displayed. The filters you can apply are the same as those for the "Overview" dashboard view. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
![Screenshot of the "Enablement trends" view for an organization, showing Dependabot status and trends over 30 days, with a filter applied.](/assets/images/help/security-overview/security-overview-enablement-trends.png)
![Screenshot of the beta "Enablement trends" view for an organization, showing Dependabot status and trends over 30 days, with a filter applied.](/assets/images/help/security-overview/security-overview-enablement-trends.png)
{% endif %}
{% ifversion security-overview-enterprise-enablement-report %}
## Viewing enablement trends for an enterprise (beta)
## Viewing enablement trends for an enterprise
{% note %}
{% ifversion ghes < 3.15 %}
**Note:** The "Enablement trends" view is currently in beta and is subject to change.
> [!NOTE] The "Enablement trends" view is currently in beta and is subject to change.
{% endnote %}
{% endif %}
You can view data to assess the enablement status and enablement status trends of code security features across organizations in an enterprise.
{% tip %}
**Tip:** You can use the `owner:` filter in the search field to filter the data by organization. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
{% endtip %}
>[!TIP] You can use the `owner:` filter in the search field to filter the data by organization. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.code-scanning.click-code-security-enterprise %}
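Review bot: within this single hunk the note is written `> [!NOTE]` (with a space) and the tip `>[!TIP]` (without); normalise to one form. The `{% note %}`/`{% endnote %}` and `{% tip %}`/`{% endtip %}` pairs are removed symmetrically, so the Liquid stays balanced.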

View File

@@ -17,8 +17,12 @@ redirect_from:
allowTitleToDifferFromFilename: true
---
{% ifversion ghes < 3.14 %}
{% data reusables.security-overview.beta-overview-dashboard %}
{% endif %}
## {% ifversion security-overview-dashboard-enterprise %}About security insights{% else %} About organization-level security insights{% endif %}
The overview page in security overview is a consolidated dashboard of insights about your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}'s security landscape and progress. You can use the dashboard to monitor the health of your application security program, collaborate with engineering teams, and gather data for benchmarking purposes.
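Review bot: the beta reusable is now included only for `ghes < 3.14`. Because the reusable itself no longer carries any version condition after this commit (the `security-overview-dashboard-enterprise` branching is removed from it), all version logic lives at this call site; make sure no other article includes `reusables.security-overview.beta-overview-dashboard` without the same guard, or it will show the beta note on versions where the dashboard is GA.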
@@ -33,7 +37,7 @@ You can view a variety of metrics about the security alerts in your organization
* The "Remediation" section shows information about how alerts are resolved and alert activity over time.
* The "Impact analysis" section shows the repositories that pose the highest potential security risk in your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}.
You can filter the overview dashboard by selecting a specific time period, and apply additional filters to focus on narrower areas of interest. All data and metrics across the dashboard will change as you apply filters. {% ifversion security-overview-additional-tools %}By default, the dashboard displays all alerts from {% data variables.product.prodname_dotcom %} tools, but you can use the tool filter to show alerts from a specific tool ({% data variables.product.prodname_secret_scanning %}, {% data variables.product.prodname_dependabot %}, {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, a specific third-party tool) or all third-party {% data variables.product.prodname_code_scanning %} tools. This feature is in beta, and is subject to change.{% endif %} For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
You can filter the overview dashboard by selecting a specific time period, and apply additional filters to focus on narrower areas of interest. All data and metrics across the dashboard will change as you apply filters. {% ifversion security-overview-additional-tools %}By default, the dashboard displays all alerts from {% data variables.product.prodname_dotcom %} tools, but you can use the tool filter to show alerts from a specific tool ({% data variables.product.prodname_secret_scanning %}, {% data variables.product.prodname_dependabot %}, {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, a specific third-party tool) or all third-party {% data variables.product.prodname_code_scanning %} tools.{% endif %} For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
{% ifversion security-overview-dashboard-enterprise %}Enterprise members can access the overview page for organizations in their enterprise. {% endif %}The metrics you see will depend on your role and repository permissions. For more information, see "[AUTOTITLE](/code-security/security-overview/about-security-overview#permission-to-view-data-in-security-overview)."
@@ -78,9 +82,7 @@ Keep in mind that the overview page tracks changes over time for security alert
{% endif %}
{% ifversion security-overview-additional-tools %}
Some metrics in the security overview dashboard include a trend indicator, which shows the percentage gain or loss for the chosen time period relative to previous period. For example, when you select a week with 10 alerts, if the previous week had 20 alerts, the trend indicator reports that the metric has dropped by 50%. If the average age of the open alerts is 15 days, and for the previous period it was 5 days, the trend indicator reports that the metric has risen by 200%. This feature is in beta, and is subject to change.
Some metrics in the security overview dashboard include a trend indicator, which shows the percentage gain or loss for the chosen time period relative to previous period. For example, when you select a week with 10 alerts, if the previous week had 20 alerts, the trend indicator reports that the metric has dropped by 50%. If the average age of the open alerts is 15 days, and for the previous period it was 5 days, the trend indicator reports that the metric has risen by 200%.
{% endif %}
>[!NOTE]
@@ -104,12 +106,6 @@ The age of each open alert is calculated by subtracting the date the alert was c
### Reopened alerts
{% note %}
**Note:** The "Reopened alerts" metric is in beta, and is subject to change.
{% endnote %}
The "Reopened alerts" metric is the total open alerts that were reopened during the chosen time period. Only alerts that are open at the end of the reporting period are reported. This includes:
* Alerts that were closed as of the day before the chosen time period, and that remain open at the end of the period.
@@ -124,7 +120,7 @@ The "Secrets bypassed / blocked" metric shows the ratio of secrets bypassed to t
You can also see how many secrets were successfully blocked, which is calculated by subtracting the number of secrets bypassed from the total number of secrets blocked by push protection. A secret is considered to have been successfully blocked when it has been corrected, and not committed to the repository.
{% ifversion security-overview-additional-tools %}You can click **View details** to view the {% data variables.product.prodname_secret_scanning %} report with the same filters and time period selected. This feature is in beta, and is subject to change.{% endif %}
{% ifversion security-overview-additional-tools %}You can click **View details** to view the {% data variables.product.prodname_secret_scanning %} report with the same filters and time period selected.{% endif %}
For more information on secret scanning push protection metrics, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)."
@@ -140,11 +136,7 @@ The "Net resolve rate" metric is the rate at which alerts are being closed. This
The rate is calculated by dividing the number of alerts that were closed and remained closed during the chosen time period, by the number of alerts created during the time period.
{% note %}
**Note:** The net resolve rate takes into account any new and any closed alerts during the chosen time period. This means that the set of new alerts and set of closed alerts used for the calculation do not necessarily correspond, since they may represent different populations of alerts.
{% endnote %}
>[!NOTE] The net resolve rate takes into account any new and any closed alerts during the chosen time period. This means that the set of new alerts and set of closed alerts used for the calculation do not necessarily correspond, since they may represent different populations of alerts.
Alerts that are reopened and re-closed during the chosen time period are ignored.
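Review bot: confirm that a blank line separates the new `>[!NOTE]` alert from the following paragraph "Alerts that are reopened and re-closed during the chosen time period are ignored." A paragraph line placed directly after a blockquote line is treated as lazy continuation and is rendered inside the note, which the previous `{% endnote %}` delimiter prevented. Same `>[!NOTE]` spacing nit as in the other converted notes.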
@@ -170,12 +162,6 @@ Green bars represent the number of new alerts created during the segmented time
### Impact analysis table
{% note %}
**Note:** The "Impact analysis" table is in beta, and is subject to change.
{% endnote %}
The impact analysis table has separate tabs showing data for: "Repositories" and "Advisories".
* The "Repositories" tab shows the top 10 repositories with the most open alerts at the end of the chosen time period, ranked by the total number of open alerts. For each repository, the total number of open alerts is shown alongside a breakdown by severity.

View File

@@ -1,9 +1,5 @@
{% ifversion secret-scanning-non-provider-patterns %}
{% note %}
**Note:** The summary views ({% ifversion security-overview-dashboard %}"Overview", {% endif %}"Coverage" and "Risk") show data only for high confidence alerts. {% ifversion security-overview-additional-tools %}{% data variables.product.prodname_secret_scanning_caps %} {% else %}{% data variables.product.prodname_code_scanning_caps %} alerts from third-party tools, and {% data variables.product.prodname_secret_scanning %}{% endif %} alerts for ignored directories and non-provider alerts are all omitted from these views. Consequently, the individual alert views may include a larger number of open and closed alerts.
{% endnote %}
>[!NOTE] The summary views ({% ifversion security-overview-dashboard %}"Overview", {% endif %}"Coverage" and "Risk") show data only for high confidence alerts. {% ifversion security-overview-additional-tools %}{% data variables.product.prodname_secret_scanning_caps %} {% else %}{% data variables.product.prodname_code_scanning_caps %} alerts from third-party tools, and {% data variables.product.prodname_secret_scanning %}{% endif %} alerts for ignored directories and non-provider alerts are all omitted from these views. Consequently, the individual alert views may include a larger number of open and closed alerts.
{% endif %}
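Review bot: the converted alert line now combines `>[!NOTE]`, nested `{% ifversion %}` blocks, and several `{% data %}` variables on a single line. It is functionally equivalent to the removed `{% note %}` block, but as a shared reusable it is included from several summary pages, so it is worth rendering it once under both `security-overview-additional-tools` branches to check the sentence still reads correctly with the leading `{% data variables.product.prodname_secret_scanning_caps %} ` and the trailing "alerts for ignored directories" clause.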

View File

@@ -1,9 +1 @@
{% note %}
{% ifversion security-overview-dashboard-enterprise %}
**Note:** The security overview dashboard is currently in beta and subject to change.
{% else %}
**Note:** The security overview dashboard is available at the organization level. The dashboard is currently in beta and subject to change.
{% endif %}
{% endnote %}
> [!NOTE] The security overview dashboard is currently in beta and subject to change.
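Review bot: the `{% else %}` branch that told readers without `security-overview-dashboard-enterprise` that "the security overview dashboard is available at the organization level" is dropped, not merged into the surviving sentence. Since the call site now includes this reusable only for `ghes < 3.14`, check whether those versions have the enterprise-level dashboard; if not, the organization-level qualifier was the informative part of the note and should be kept, e.g. with the same `ifversion` branching retained inside the alert.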