Note: Security overview is currently in beta and subject to change.
About security risks in your code
You can use security overview to see which repositories and teams are free from any security alerts and which have unresolved security alerts. The "Security risk" page shows a summary and detailed information on which repositories in an organization are affected by security alerts, with a breakdown of alert by severity. You can filter the view to show a subset of repositories using the "affected" and "unaffected" links, the links under "Open alerts", the "Teams" dropdown menu, and a search field in the page header. This view is a great way to understand the broader picture for a repository, team, or group of repositories because you can see security alerts of all types in one view.
Note: It's important to understand that all repositories without open alerts are included in the set of unaffected repositories. That is, unaffected repositories include any repositories where the feature is not enabled, in addition to repositories that have been scanned and any alerts identified have been closed.
Viewing organization-level code security risks
-
On your GitHub Enterprise Server instance, navigate to the main page of the organization.
-
Under your organization name, click Security.
-
To view aggregate information about alert types, click Show more.
-
Optionally, filter the list of alerts. You can click multiple filters in the drop-down filter menus to narrow your search. You can also type search qualifiers in the Search repositories field. For more information about the available qualifiers, see "Filtering alerts in security overview."
Viewing security overview for a team
-
In the top right corner of GitHub Enterprise Server, click your profile photo, then click Your organizations.
-
Click the name of your organization.
-
Under your organization name, click Teams.
-
Click the name of the team.
-
At the top of the team's page, click Security.
-
Optionally, filter the list of alerts. You can click multiple filters in the drop-down filter menus to narrow your search. You can also type search qualifiers in the Search repositories field. For more information about the available qualifiers, see "Filtering alerts in security overview."