Note: Secret scanning metrics for push protection is currently in beta and subject to change.
If you are an organization owner or security manager, the metrics overview for secret scanning push protection helps you to understand how well you are preventing security leaks in your organization. You can use the metrics to assess how push protection is performing, and to easily identify the repositories where you may need to take action in order to prevent leaks of sensitive information.
The overview shows you a summary of how many pushes containing secrets have been successfully blocked across your organization by push protection, as well as how many times push protection was bypassed.
You can also find more granular metrics, such as:
- the secret types that have been blocked or bypassed the most
- the repositories that have had the most pushes blocked
- the repositories that are bypassing push protection the most
- the percentage distribution of reasons that users give when they bypass the protection
The metrics are based on activity from the last 30 days.
On GitHub.com, navigate to the main page of the organization.
Under your organization name, click Security.
In the sidebar, under "Metrics", click Secret scanning.
Click on an individual secret type or repository to see the associated secret scanning alerts for your organization.