Security overview contains focused views where you can explore trends in detection, remediation, and prevention of security alerts and dig deep into the current state of your codebases.
All organizations on GitHub Enterprise can use Dependabot data to evaluate the security of their supply chain in all repositories.
In addition, data for Advanced Security features, such as code scanning and secret scanning, is shown for organizations and enterprises that use GitHub Advanced Security, see About Dependabot alerts and About GitHub Advanced Security.
About the views
Observação
All views show information and metrics for the default branches of the repositories you have permission to view in an organization or enterprise.
The views are interactive with filters that allow you to look at the aggregated data in detail and identify sources of high risk, see security trends, and see the impact of pull request analysis on blocking security vulnerabilities entering your code. As you apply multiple filters to focus on narrower areas of interest, all data and metrics across the view change to reflect your current selection. For more information, see Filtering alerts in security overview.
There are dedicated views for each type of security alert. You can limit your analysis to a specific type of alert, and then narrow the results further with a range of filters specific to each view. For example, in the secret scanning alert view, you can use the "Secret type" filter to view only secret scanning alerts for a specific secret, like a GitHub personal access token.
Observação
Security overview displays active alerts raised by security features. If there are no alerts shown in security overview for a repository, undetected security vulnerabilities or code errors may still exist or the feature may not be enabled for that repository.
About security overview for organizations
The application security team at your company can use the different views for both broad and specific analyses of your organization's security status. For example, the team can use the "Overview" dashboard view to track your organization's security landscape and progression.
You can find security overview on the Security tab for any organization. Each view shows a summary of the data that you have access to. As you add filters, all data and metrics across the view change to reflect the repositories or alerts that you've selected.
Security overview has multiple views that provide different ways to explore enablement and alert data.
- Overview: visualize trends in Detection, Remediation, and Prevention of security alerts. For information about accessing and using the dashboard, see Viewing security insights. For detailed explanations of metrics and calculations, see Security overview dashboard metrics.
- Risk and Alert views: explore the risk from security alerts of all types or focus on a single alert type and identify your risk from specific vulnerable dependencies, code weaknesses, or leaked secrets, see Assessing the security risk of your code.
- Coverage: assess the adoption of security features across repositories in the organization, see Assessing adoption of security features.
- Enablement trends: see how quickly different teams are adopting security features.
- CodeQL pull request alerts: assess the impact of running CodeQL on pull requests and how development teams are resolving code scanning alerts, see Viewing metrics for pull request alerts.
- Secret scanning insights: find out which types of secret are blocked by push protection, see Viewing metrics for secret scanning push protection.
About security overview for enterprises
You can find security overview on the Security tab for your enterprise. Each page displays aggregated and repository-specific security information for your enterprise.
Security overview for enterprises has multiple views that provide different ways to explore data, including an overview dashboard that visualizes alert trends. For information about the dashboard, see Viewing security insights and Security overview dashboard metrics.
Access to data in security overview
What you can see in security overview depends on your role and permissions in the organization or enterprise.
In general:
- Organization owners and security managers can view security data across all repositories in their organization.
- Organization members can view data only for repositories where they have access to security alerts.
- Enterprise owners can view aggregated security data in the enterprise-level security overview for organizations where they are an organization owner or security manager. To see repository-level details, they must have the appropriate role within the organization.
Security overview displays data only for repositories you have permission to view, and some views or actions may be limited based on your role.
For detailed, role-by-role permission information, including which views are available and how repository access affects visibility, see Security overview permissions.
Understanding dashboard data accuracy
The overview dashboard displays metrics based on the current state of your repositories and the historical state of security alerts. This data model has important implications for data consistency:
Data changes over time: Dashboard metrics can change for the same historical time period when viewed at different times. This occurs when repositories are deleted, security advisories are modified, or other changes affect the underlying data. If you need consistent data for compliance reports or auditing purposes, use the audit log instead. See Auditing security alerts.
Alert data is historical; repository attributes are current: The dashboard tracks security alerts based on their historical state during the selected time period. However, repository filters (such as archived/active status) reflect the current state of repositories.
For example, if you archive a repository today, any open alerts in that repository are automatically closed. If you then view the overview dashboard for last week:
- The repository only appears when you filter to show archived repositories (its current state)
- The alerts from that repository appear as open (their state during last week)
This design ensures alert trends accurately reflect security activity during the time period you're analyzing, while repository filters help you focus on your current repository structure.