Code security insights on the organization-level Security tab (Beta) #74687
Replies: 7 comments 3 replies
-
This feature is great. It would be helpful to be able to view the Security Coverage Trends metrics as a percentage of total repositories in scope. For organizations with hundreds of repositories, it would highlight coverage over time more effectively.
This comment was marked as off-topic.
-
When filtering by "tool" and "repo" and using "codeql" as the tool filter, I see a number of open alerts on the "Overview" page. When comparing this count to the count of open alerts in the repository view under "code scanning" and counting the number of unique alerts (only counting any duplicate alerts once), that number does not match the number of open alerts displayed in the Overview. Where is the number of open alerts on the "Overview" page derived from?
-
Even though it's an unrelated feature, I'd love to see 2FA and SSO stats for orgs that aren't enforcing yet. We have a couple of GitHub orgs that are in the process of shoring up security, and it takes time to reach all people. Having clear trends on the number of users in the org, how many have 2FA, and how many have SSO would be useful information.
-
Select Topic Area
Show & Tell
Body
A new asset in security management is now available for GitHub enterprise users. Reinforcing the “shift left” philosophy, this feature is designed to integrate security into the heart of the development lifecycle, empowering your organization to proactively identify and address vulnerabilities.
Key advantages
Historical context
By comparing historical and current data, you can visibly track improvements in your security landscape and demonstrate the value of security investments.
Customized focus
Sharpen your focus with filters that dissect your security data by teams, repositories, or any categorization that aligns with your goals. Whether it’s tracking team performance or monitoring metrics across a core group of repositories with the repository topic filter, there’s a plethora of options available to meet your needs.
Prioritization made simple
With clear insights into severity and net resolve rate—security’s version of developer velocity—the dashboard shows you if your resources are aligned with the most severe threats and if remediation speed is in harmony with security demands.
Strategic alignment
Gain a strategic perspective with the Repositories “Top 10” list, which shows you repositories with the largest number of open alert counts, to understand where to direct your attention first.
Shift left
The dashboard, which is accessible by everyone in the organization, helps you drive best security practices by understanding potential issues as early as possible, reducing risk and workload down the line.
This overview dashboard is now available as a beta on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.13.
Learn more about the new overview dashboard and send us your feedback