mirror of https://github.com/github/docs.git
Add info on enterprise-level secret scanning metrics (#50794)
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Parent
82248ff1e4
Commit
234e71bdcb
|
@ -94,7 +94,7 @@ If you plan to configure a link to a resource in the message that's displayed wh
|
|||
|
||||
{%- ifversion security-overview-push-protection-metrics-page %}
|
||||
|
||||
Start to review activity using the push protection metrics page in security overview. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization)."
|
||||
Start to review activity using the push protection metrics page in security overview. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)."
|
||||
|
||||
{%- endif %}
|
||||
|
||||
|
|
|
@ -65,7 +65,7 @@ Once enabled, you can do the following:
|
|||
|
||||
{%- ifversion security-overview-push-protection-metrics-page %}
|
||||
|
||||
1. **Monitor**: Use security overview to view metrics on how push protection is performing in repositories across your organization, so you can quickly identify any repositories where you might need to take action. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization)."
|
||||
1. **Monitor**: Use security overview to view metrics on how push protection is performing in repositories across your organization, so you can quickly identify any repositories where you might need to take action. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)."
|
||||
|
||||
{%- endif %}
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ You can monitor security alerts to discover when users are bypassing push protec
|
|||
|
||||
{% ifversion security-overview-push-protection-metrics-page %}
|
||||
|
||||
If you are an organization owner or security manager, you can view metrics on how push protection is performing across your organization. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization)."
|
||||
If you are an organization owner or security manager, you can view metrics on how push protection is performing across your organization. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
@ -179,6 +179,10 @@ For more information about access to security alerts and related views, see "[AU
|
|||
In the enterprise-level security overview, you can see data for all organizations where you are an organization owner or security manager. However, you cannot use the enterprise-level security overview to enable and disable security features. For more information, see "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)."
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghec %}
|
||||
If you're an owner of an {% data variables.enterprise.prodname_emu_enterprise %}, you can view data from user-owned repositories in security overview and filter by repository owner type. For more information on {% data variables.enterprise.prodname_managed_users %}, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users)."
|
||||
{% endif %}
|
||||
|
||||
## Further reading
|
||||
|
||||
* "[AUTOTITLE](/code-security/getting-started/securing-your-repository)"
|
||||
|
|
|
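Review bot: The new `{% ifversion ghec %}` paragraph says owners can "filter by repository owner type" but links only to the article about managed users, not to the filter itself. Consider adding a link to the `#repository-owner-name-and-type-filters` section of the filtering article, which the `> [!TIP]` text added later in this commit already points to, so readers can find the `owner-type` qualifier from here.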
@ -70,11 +70,7 @@ You can view data to assess the enablement of code security features across orga
|
|||
|
||||
In the enterprise-level view, you can view data about the enablement of features, but you cannot enable or disable features. For more information about enabling features, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** You can use the `owner:` filter in the search field to filter the data by organization. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
|
||||
|
||||
{% endtip %}
|
||||
{% data reusables.security-overview.enterprise-filters-tip %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
|
||||
{% data reusables.code-scanning.click-code-security-enterprise %}
|
||||
|
|
|
@ -74,11 +74,7 @@ You can download a CSV file of the data displayed on the "Security risk" page. T
|
|||
|
||||
You can view data for security alerts across organizations in an enterprise. {% data reusables.security-overview.information-varies-GHAS %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** You can use the `org:` filter in the search field to filter the data by organization. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
|
||||
|
||||
{% endtip %}
|
||||
{% data reusables.security-overview.enterprise-filters-tip %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
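Review bot: The tip removed here told readers to use the `org:` filter, while the `> [!TIP]` text added in this commit recommends `owner`, so the guidance for this view changes and not only where it is stored. Please confirm that `owner` is accepted on this page. The qualifier table touched in this commit lists `owner` for "Most views" and `org` only for Dependabot and code scanning alerts, which leaves it unclear which one applies here.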
@ -94,12 +94,12 @@ If you add custom properties to your organization and set values for repositorie
|
|||
|
||||
## Repository owner name and type filters
|
||||
|
||||
In enterprise-level views, you can limit the data to repositories owned by a single organization in your enterprise or an {% data variables.product.prodname_emu %} (EMU) account. Alternatively, you can filter by account owner type.
|
||||
In enterprise-level views, you can limit the data to repositories owned by a single organization in your enterprise{% ifversion ghec %} or an {% data variables.product.prodname_emu %} (EMU) account. If you are an owner of an {% data variables.enterprise.prodname_emu_enterprise %}, you can also filter by repository owner type{% endif %}.
|
||||
|
||||
| Qualifier | Description | Views |
|
||||
| -------- | -------- | ------ |
|
||||
| `owner` | Display data for all repositories owned by one account owner. | Most views |
|
||||
| `owner-type` | Display data for all repositories owned by an organization or a user account in your enterprise. | "Risk", "Coverage" and {% data variables.secret-scanning.alerts %} |
|
||||
| `owner` | Display data for all repositories owned by one account owner. | Most views |{% ifversion ghec %}
|
||||
| `owner-type` | Display data for all repositories owned by an organization or a user account in your enterprise. | Most views, but only if you are an owner of an {% data variables.enterprise.prodname_emu_enterprise %} |{% endif %}
|
||||
| `org` | Display data for repositories owned by one organization. | {% data variables.product.prodname_dependabot_alerts %} and {% data variables.product.prodname_code_scanning %} alerts |
|
||||
|
||||
{% elsif security-overview-org-risk-coverage-enterprise %}
|
||||
|
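Review bot: In the `owner-type` row, the Views cell changes from an explicit list ("Risk", "Coverage" and secret scanning alerts) to "Most views, but only if you are an owner of an ... enterprise", which puts a permission condition in the Views column and drops the list of views. The rewritten intro sentence above the table already states the owner requirement, so consider keeping the Views cell to the views themselves and, if the condition must appear in the table, moving it to the Description column.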
@ -221,6 +221,6 @@ All {% data variables.product.prodname_code_scanning %} alerts have one of the c
|
|||
|`confidence`|Display {% data variables.secret-scanning.alerts %} of high (`high`) or other (`other`) confidence.|
|
||||
|`is`|Display {% data variables.secret-scanning.alerts %} that are open (`open`) or closed (`closed`).|
|
||||
|`provider` | Display alerts for all secrets issued by a specified provider, for example: `adafruit`. |
|
||||
|`resolution`| Display {% data variables.secret-scanning.alerts %} closed as "false positive" (`false-postive`), "pattern deleted" (`pattern-deleted`), "pattern edited' (`pattern-edited`), "revoked" (`revoked`) "used in tests" (`used-in-tests`), or "won't fix" (`wont-fix`).|
|
||||
|`resolution`| Display {% data variables.secret-scanning.alerts %} closed as "false positive" (`false-positive`), "pattern deleted" (`pattern-deleted`), "pattern edited' (`pattern-edited`), "revoked" (`revoked`) "used in tests" (`used-in-tests`), or "won't fix" (`wont-fix`).|
|
||||
|`sort`| Display alerts from newest to oldest (`created-desc`), oldest to newest (`created-asc`), most recently updated (`updated-desc`), or least recently updated (`updated-asc`).|
|
||||
|`secret-type` | Display alerts for the specified secret and provider (`provider-pattern`) or custom pattern (`custom-pattern`). |
|
||||
|
|
|
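Review bot: The corrected `resolution` row still has a mismatched quote in `"pattern edited'` and no comma between "revoked" (`revoked`) and "used in tests" (`used-in-tests`). Since this line is already being changed for the `false-positive` spelling, fix both in the same change.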
@ -19,5 +19,5 @@ children:
|
|||
- /filtering-alerts-in-security-overview
|
||||
- /enabling-security-features-for-multiple-repositories
|
||||
- /exporting-data-from-the-risk-and-coverage-pages
|
||||
- /viewing-metrics-for-secret-scanning-push-protection-in-your-organization
|
||||
- /viewing-metrics-for-secret-scanning-push-protection
|
||||
---
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
---
|
||||
title: Viewing metrics for secret scanning push protection in your organization
|
||||
title: Viewing metrics for secret scanning push protection
|
||||
shortTitle: View secret scanning metrics
|
||||
allowTitleToDifferFromFilename: true
|
||||
intro: 'You can use security overview to see how {% data variables.product.prodname_secret_scanning %} push protection is performing in repositories across your organization, and to identify repositories where you may need to take action.'
|
||||
intro: 'You can use security overview to see how {% data variables.product.prodname_secret_scanning %} push protection is performing in repositories across your organization{% ifversion security-overview-enterprise-secret-scanning-metrics %} or enterprise{% endif %}, and to identify repositories where you may need to take action.'
|
||||
permissions: '{% data reusables.security-overview.permissions %}'
|
||||
product: '{% data reusables.gated-features.security-overview %}'
|
||||
type: how_to
|
||||
redirect_from:
|
||||
- /code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization
|
||||
topics:
|
||||
- Security overview
|
||||
- Advanced Security
|
||||
|
@ -20,9 +22,9 @@ versions:
|
|||
|
||||
## About metrics for {% data variables.product.prodname_secret_scanning %} push protection
|
||||
|
||||
If you are an organization owner or security manager, the metrics overview for {% data variables.product.prodname_secret_scanning %} push protection helps you to understand how well you are preventing security leaks in your organization. You can use the metrics to assess how push protection is performing, and to easily identify the repositories where you may need to take action in order to prevent leaks of sensitive information.
|
||||
The metrics overview for {% data variables.product.prodname_secret_scanning %} push protection helps you to understand how well you are preventing security leaks in your organization{% ifversion security-overview-enterprise-secret-scanning-metrics %} or across organizations in your enterprise{% endif %}. You can use the metrics to assess how push protection is performing, and to easily identify the repositories where you may need to take action in order to prevent leaks of sensitive information.
|
||||
|
||||
The overview shows you a summary of how many pushes containing secrets have been successfully blocked across your organization by push protection, as well as how many times push protection was bypassed.
|
||||
The overview shows you a summary of how many pushes containing secrets have been successfully blocked by push protection, as well as how many times push protection was bypassed.
|
||||
|
||||
You can also find more granular metrics, such as:
|
||||
* The secret types that have been blocked or bypassed the most
|
||||
|
@ -50,9 +52,26 @@ The metrics are based on activity from the default period or your selected perio
|
|||
|
||||
{% endif %}
|
||||
|
||||
## Viewing metrics for {% data variables.product.prodname_secret_scanning %} push protection
|
||||
## Viewing metrics for {% data variables.product.prodname_secret_scanning %} push protection for an organization
|
||||
|
||||
{% data reusables.organizations.navigate-to-org %}
|
||||
{% data reusables.organizations.security-overview %}
|
||||
1. In the sidebar, under "Metrics", click **{% octicon "graph" aria-hidden="true" %} {% data variables.product.prodname_secret_scanning_caps %}**.
|
||||
1. Click on an individual secret type or repository to see the associated {% data variables.secret-scanning.alerts %} for your organization.
|
||||
{% data reusables.security-overview.filter-secret-scanning-metrics %}
|
||||
|
||||
{% ifversion security-overview-enterprise-secret-scanning-metrics %}
|
||||
|
||||
## Viewing metrics for {% data variables.product.prodname_secret_scanning %} push protection for an enterprise
|
||||
|
||||
You can view metrics for {% data variables.product.prodname_secret_scanning %} push protection across organizations in an enterprise. {% data reusables.security-overview.information-varies-GHAS %}
|
||||
|
||||
{% data reusables.security-overview.enterprise-filters-tip %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
|
||||
{% data reusables.code-scanning.click-code-security-enterprise %}
|
||||
1. In the sidebar, click **{% data variables.product.prodname_secret_scanning_caps %} metrics**.
|
||||
1. Click on an individual secret type or repository to see the associated {% data variables.secret-scanning.alerts %} for your enterprise.
|
||||
{% data reusables.security-overview.filter-secret-scanning-metrics %}
|
||||
|
||||
{% endif %}
|
|
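Review bot: The sidebar step in the new enterprise procedure reads "click **{% data variables.product.prodname_secret_scanning_caps %} metrics**", while the organization procedure says to click the same variable under "Metrics" with the graph octicon and no "metrics" suffix. Please check both against the UI labels and make the wording consistent where the UI allows. In both procedures the `filter-secret-scanning-metrics` reusable is also included after the "Click on an individual secret type or repository" step, so the filtering instructions arrive after the reader has been sent to the alerts; consider including it before that step.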
@ -56,6 +56,8 @@ Keep in mind that the overview page tracks changes over time for security alert
|
|||
|
||||
## Viewing the security overview dashboard for your enterprise
|
||||
|
||||
{% data reusables.security-overview.enterprise-filters-tip %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
|
||||
{% data reusables.code-scanning.click-code-security-enterprise %}
|
||||
{% data reusables.security-overview.filter-and-toggle %}
|
||||
|
@ -124,7 +126,7 @@ You can also see how many secrets were successfully blocked, which is calculated
|
|||
|
||||
{% ifversion security-overview-additional-tools %}You can click **View details** to view the {% data variables.product.prodname_secret_scanning %} report with the same filters and time period selected. This feature is in beta, and is subject to change.{% endif %}
|
||||
|
||||
For more information on secret scanning push protection metrics, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization)."
|
||||
For more information on secret scanning push protection metrics, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)."
|
||||
|
||||
### Mean time to remediate
|
||||
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
# Reference: #14658
|
||||
# Documentation for the enterprise-level secret scanning metrics page
|
||||
versions:
|
||||
ghes: '>3.13'
|
||||
ghec: '*'
|
|
@ -0,0 +1,2 @@
|
|||
> [!TIP]
|
||||
> You can use the `owner` filter in the search field to filter the data by organization. {% ifversion ghec %}If you're an owner of an {% data variables.enterprise.prodname_emu_enterprise %}, you can use the `owner-type` filter to filter the data by the type of repository owner, so that you can view data from either organization-owned repositories or user-owned repositories. {% endif %}For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview#repository-owner-name-and-type-filters)."
|
|
@ -0,0 +1,3 @@
|
|||
1. You can use the options at the top of the page to filter the group of repositories that you want to see {% data variables.product.prodname_secret_scanning %} metrics for.
|
||||
* Use the date picker to set the time range that you want to view metrics for. Note that the date used by the date picker corresponds to the date a secret was bypassed on.
|
||||
* Click in the search box to add further filters on the {% data variables.product.prodname_secret_scanning %} metrics displayed. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
|
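Review bot: In the date picker bullet, "the date a secret was bypassed on" is hard to parse, because it is push protection that is bypassed rather than the secret, and the article describes these metrics as covering blocked pushes as well as bypasses. Suggest naming the event the date refers to, for example "the date push protection was bypassed", and stating how blocked pushes are dated so readers know what the selected range includes.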