Security overview

Security overview provides a single pane of glass to view a summary of your organization's security risk and Advanced Security enablement status.

All organizations, regardless of if they have an Advanced Security-enabled repository or not, are able to see the security overview tab in their organization settings.

GitHub Advanced Security for Azure DevOps works with Azure Repos. If you want to use GitHub Advanced Security with GitHub repositories, see GitHub Advanced Security.

About security overview

Security overview is available to view for all members of the organization who have access to view organization settings. Under the Risk tab, security overview shows you the distribution of total alerts and of alerts by severity across all projects and repositories with Advanced Security enabled under your selected organization. Under the Coverage tab, security overview shows the enablement status and navigation to repository settings to quickly enable Advanced Security for any repository.

Viewing security insights

To access the security overview for your organization, navigate to Organization settings > Security overview. The default view is of the Risk tab, which shows a summary of security alerts across dependency scanning, secret scanning, and code scanning in totality and by severity. In the Risk view, only repositories with Advanced Security enabled appear. The reported alert counts are only for alerts discovered on the default branch for each repository.

Under the Coverage tab, security overview shows all repositories in your enterprise, regardless of their enablement status.

By hovering on a specific repository, security overview directs you to that repository's settings pane where you can enable Advanced Security. To learn more about configuring Advanced Security features, refer to Configure GitHub Advanced Security.