
Commit

Fast follow updates to security overview docs for secret scanning non-provider alerts (#45898)

Co-authored-by: mc <[email protected]>
felicitymay and mchammer01 authored Nov 17, 2023
1 parent 08dc97f commit 500e683
Showing 10 changed files with 57 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,8 @@ When you're ready to proceed, follow these steps to enable a feature for all rep
{% data reusables.organizations.navigate-to-org %}
{% data reusables.organizations.org_settings %}
1. In the left sidebar, click {% octicon "codescan" aria-hidden="true" %} **Code security and analysis**.
1. To enable a feature in all repositories in your organization where the feature is supported, next to the name of the feature, click **Enable all**.
1. Locate the feature that you want to enable and use any associated check boxes to fine-tune the options.
1. When you are ready to enable the feature for all repositories in your organization where the feature is supported, next to the name of the feature, click **Enable all**.

When you click **Enable all**, you'll be prompted to confirm your choice. You'll also be told if the feature depends on another feature, or requires {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories)."
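Review bot: the step list now contains two steps that end with "click **Enable all**" (the line beginning "To enable a feature in all repositories in your organization" and the new line beginning "When you are ready to enable the feature"); if the first of these is the pre-change step being replaced, make sure it is actually deleted rather than left as context, otherwise the rendered page repeats the instruction. The new "Locate the feature that you want to enable" step is where readers will look for the secret scanning alert-type options this commit is about, so it may be worth naming "check boxes" more concretely there.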

Expand Down Expand Up @@ -106,6 +107,8 @@ On this view, you can use checkboxes to select specific repositories, or you can
If you have a limited number of licenses for {% data variables.product.prodname_GH_advanced_security %}, you may want to prioritize repositories that contain critical projects, or that have the highest commit frequencies. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)." {% ifversion ghec %}When you use the "Security coverage" view, you can can see the number of active committers for the repositories you select, and therefore the number of {% data variables.product.prodname_GH_advanced_security %} licenses that enabling a feature will consume.{% endif %}
{% endif %}

{% data reusables.security-overview.settings-limitations %}

### Enabling a feature for new repositories

You can choose to enable a security feature automatically in all new repositories that are created in your organization. Enabling features in new repositories ensures they are protected immediately, and ensures any vulnerabilities in the repositories are identified as early as possible. However, to use security features as efficiently as possible, you may prefer to review each new repository individually.
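Review bot: the `{% data reusables.security-overview.settings-limitations %}` include sits correctly after the `{% endif %}` that closes the `ghec` license paragraph. While this file is being touched, the unchanged context line "you can can see the number of active committers" has a doubled word that should be fixed.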
Expand Up @@ -97,8 +97,8 @@ As an organization owner, or repository administrator, you need to enable the de

Non-provider alerts are different from high confidence alerts. Non-provider alerts:

- Are not shown in security overview.
- Are listed in a different view from high confidence alerts. That view is called "Other".
- Are not shown in the summary views for security overview, only in the "{% data variables.product.prodname_secret_scanning_caps %}" view.
- Are listed in a different view from high-confidence alerts. That view is called "Other".
- Only have the first five detected locations shown on {% data variables.product.prodname_dotcom %}.
- Are limited in quantity to 5000 alerts per repository (this includes open and closed alerts).

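Review bot: the new bullet "Are listed in a different view from high-confidence alerts" hyphenates the term, while the unchanged intro sentence two lines above it reads "different from high confidence alerts"; use one form for the list and its intro. The first new bullet otherwise states the key fact clearly (non-provider alerts appear only in the secret scanning view, not in the summary views), which is what the rest of this commit relies on.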
Expand Up @@ -34,7 +34,7 @@ topics:
{% note %}

**Note:** Security overview shows information and metrics for the default branches of an organization's repositories.

{% endnote %}

Security overview shows which security features are enabled for repositories and includes repository and alert-focused views so you can quickly investigate security issues and take action to remediate them.
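Review bot: no content changes in this hunk (both sides show the same note about default branches); this is a whitespace-only edit to the blank line inside the `{% note %}` block, which is harmless but adds noise to the diff.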
Expand Down Expand Up @@ -77,6 +77,8 @@ Security overview has multiple views that provide different ways to explore enab
- Use "Risk" to assess the risk from security alerts of all types for one or more repositories in the organization.
- Use the individual security alert views to identify your risk from specific vulnerable dependencies, code weaknesses, or leaked secrets.

{% data reusables.security-overview.alert-differences %}

For more information about these views, see {% ifversion security-overview-dashboard %}"[AUTOTITLE](/code-security/security-overview/viewing-security-insights-for-your-organization),"{% endif %}"[AUTOTITLE](/code-security/security-overview/assessing-adoption-code-security)" and "[AUTOTITLE](/code-security/security-overview/assessing-code-security-risk)."

{% else %}
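Review bot: the `alert-differences` reusable is inserted between the list of views and the sentence "For more information about these views, see ...", which separates that sentence from the list it refers to; placing the include after the "For more information" sentence keeps the list and its pointer together and lets the note close the subsection.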
Expand Up @@ -47,13 +47,8 @@ In the list of repositories, the "Paused" label under "{% data variables.product
{% ifversion code-security-multi-repo-enablement %}
1. Optionally, select some or all of the repositories that match your current search and click **Security settings** in the table header to display a side panel where you can enable security features for the selected repositories. When you've finished, click **Apply changes** to confirm the changes. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
{% endif %}
{% ifversion bulk-code-scanning-query-suite %}
{% note %}

**Note:** For {% ifversion code-security-multi-repo-enablement %}both the single and multiple {% else %}the single {% endif %}repository enablement settings, enabling {% data variables.product.prodname_code_scanning %} will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.

{% endnote %}
{% endif %}
{% data reusables.security-overview.settings-limitations %}

{% ifversion security-overview-org-risk-coverage-enterprise %}

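Review bot: check the Liquid nesting of the removed block. The old note was wrapped in `{% ifversion bulk-code-scanning-query-suite %}` ... `{% endif %}`, and the replacement `settings-limitations` reusable carries its own `ifversion` / `elsif bulk-code-scanning-query-suite and not fpt` wrapper, so both the opening `ifversion` and its `endif` must go together; a leftover `{% endif %}` directly after the `{% endif %}` that closes `code-security-multi-repo-enablement` would break rendering of the page.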
Expand Up @@ -70,7 +70,7 @@ You can download a CSV file of the data displayed on the "Security risk" page. T

{% endif %}

{% ifversion ghec or ghes or ghae %}
{% data reusables.security-overview.alert-differences %}

## Viewing enterprise-level code security risks

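Review bot: replacing `{% ifversion ghec or ghes or ghae %}` with the `alert-differences` include un-gates the "## Viewing enterprise-level code security risks" section that follows it; confirm the page's frontmatter versions already exclude free, pro and team plans, otherwise this section now renders where enterprise-level security overview is not available. The matching `{% endif %}` is removed in the next hunk, so the two hunks must land together.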
Expand All @@ -96,7 +96,7 @@ You can view data for security alerts across organizations in an enterprise. {%
{% data reusables.organizations.security-overview-feature-specific-page %}{% endif %}
{% endif %}

{% endif %}
{% data reusables.security-overview.alert-differences %}

{% ifversion ghes < 3.7 or ghae < 3.7 %}

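Review bot: this is the second `alert-differences` insertion in this file (the first replaced the `ifversion ghec or ghes or ghae` line above), so the same note renders twice on one page, once after the organization-level section and once after the enterprise-level section. If that repetition is intended, fine; otherwise keep only one, ideally this one, which closes the enterprise section before the `ghes < 3.7 or ghae < 3.7` block.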
Expand Up @@ -45,11 +45,7 @@ For more information about the different ways of enabling security features in a
1. In the side panel, next to all the security features you want to enable or disable, select **Enable** or **Disable**.
1. As you make changes, the **Apply changes** button reports the number of security features you have edited. To confirm the changes, click **Apply changes NUMBER**. Alternatively, click {% octicon "x" aria-label="Close" %} to close the panel without making changes.

{% note %}

**Note:** Enabling {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization using security overview will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.

{% endnote %}
{% data reusables.security-overview.settings-limitations %}

![Screenshot of the "Security coverage" view with the side panel open. The "Apply changes" button is highlighted in a dark orange outline.](/assets/images/help/security-overview/security-coverage-view-multi-repo-side-panel.png)

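Review bot: the removed note warned unconditionally that enabling code scanning overrides existing configurations, but the `settings-limitations` reusable that replaces it renders only under `secret-scanning-non-provider-patterns` or under `bulk-code-scanning-query-suite and not fpt`; on versions where neither flag is set, this page loses the override warning entirely. Confirm that is intended, or add an `{% else %}` branch to the reusable that keeps the original wording.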
Expand Up @@ -36,3 +36,13 @@ The CSV file you download will contain data corresponding to the filters you hav
1. Next to the search bar, click {% octicon "download" aria-hidden="true" %} **Export CSV**.

It may take a moment for {% data variables.product.product_name %} to generate the CSV file of your data. Once the CSV file generates, the file will automatically start downloading, and a banner will appear confirming your report is ready.

{% ifversion secret-scanning-non-provider-patterns %}

{% note %}

**Note:** The summary views ({% ifversion security-overview-dashboard %}"Overview", {% endif %}"Coverage" and "Risk") show data only for high-confidence alerts. {% data variables.product.prodname_code_scanning_caps %} alerts from third-party tools, and {% data variables.product.prodname_secret_scanning %} alerts for non-provider patterns or for ignored directories are all omitted from these views. Consequently, files exported from the summary views do not contain data for these types of alert.

{% endnote %}

{% endif %}
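Review bot: this note is nearly identical to the new `alert-differences` reusable but diverges in wording ("high-confidence" versus "high confidence", and "alerts for non-provider patterns or for ignored directories" versus "alerts for ignored directories and non-provider alerts"); align the two texts, or parameterize the reusable so that the export-specific last sentence ("files exported from the summary views do not contain data for these types of alert") is the only difference. Gating the "Overview" entry on `security-overview-dashboard` is correct, since the dashboard is versioned separately from the other views.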
Expand Up @@ -33,9 +33,11 @@ Enterprise members can access the overview page for organizations in their enter
### Limitations

The data that populates the overview page can and will change over time due to various factors, such as repository deletion or modifications to a security advisory. This means that the overview metrics for the same time period could vary if viewed at two different times. For compliance reports or other scenarios where data consistency is crucial, we recommend that you source data from the audit log. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)."

Keep in mind that the overview page tracks changes over time for security alert data only. If you filter the page by non-alert attributes, such as repository status, the data you see will reflect the current state of those attributes, instead of the historical state. For example, consider that you archived a repository that contains open security alerts, an action which closes the alerts. If you then view the overview page for the week before you archived the repository, the alert data for the repository will only appear when you filter to show data from archived repositories, because the current state of the repository is archived. However, the alerts will appear as open, since they were open during that time period and the overview page tracks the historical state of alerts.

{% data reusables.security-overview.alert-differences %}

## Viewing the security overview dashboard

{% data reusables.organizations.navigate-to-org %}
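Review bot: placing the `alert-differences` include under "### Limitations" is the right spot on this page. Since the dashboard is exactly the "Overview" summary view that the note names, consider adding one sentence here stating that non-provider secret scanning alerts and third-party code scanning alerts are excluded from all metrics on this page, so readers comparing dashboard counts with the individual alert views understand the gap.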
Expand All @@ -44,7 +46,7 @@ Keep in mind that the overview page tracks changes over time for security alert
1. Use the options at the top of the overview page to filter the group of alerts you want to see metrics for. All of the data and metrics on the page will change as you adjust the filters.
- Use the date picker to set the time range that you want to view alert activity and metrics for.
- Click in the search box to add further filters on the alerts and metrics displayed.

![Screenshot of the overview page in security overview for an organization. The options for filtering are outlined in dark orange, including the date picker and search field.](/assets/images/help/security-overview/security-overview-dashboard-filters.png)

1. For the alert trends graph at the top of the page, you can click **{% octicon "shield" aria-hidden="true" %} Open alerts** or **{% octicon "shield-x" aria-hidden="true" %} Closed alerts** to toggle between showing the trends for open or closed alerts. The toggle will only affect the alert trends graph. For more information, see "[Alert trends graph](#alert-trends-graph)."
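Review bot: this hunk, and the two that follow in this file, show identical content on both sides; they are whitespace-only edits to blank lines between a list and the following element. Harmless, but they inflate the diff and are better kept out of a content commit.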
Expand All @@ -58,7 +60,7 @@ Keep in mind that the overview page tracks changes over time for security alert
- [Net resolve rate](#net-resolve-rate)
- [Alert activity graph](#alert-activity-graph)
- [Impact analysis for repositories](#impact-analysis-for-repositories)

### Alert trends graph

The alert trends graph shows the change in the number of alerts in your organization over the time period you have chosen. Alerts are grouped by severity. You can toggle the graph between open and closed alerts.
Expand Down Expand Up @@ -96,7 +98,7 @@ The rate is calculated by dividing the number of alerts that were closed and rem
{% note %}

**Note:** The net resolve rate takes into account any new and any closed alerts during the chosen time period. This means that the set of new alerts and set of closed alerts used for the calculation do not necessarily correspond, since they may represent different populations of alerts.

{% endnote %}

Alerts that are reopened and re-closed during the chosen time period are ignored.
9 changes: 9 additions & 0 deletions data/reusables/security-overview/alert-differences.md
@@ -0,0 +1,9 @@
{% ifversion secret-scanning-non-provider-patterns %}

{% note %}

**Note:** The summary views ({% ifversion security-overview-dashboard %}"Overview", {% endif %}"Coverage" and "Risk") show data only for high confidence alerts. {% data variables.product.prodname_code_scanning_caps %} alerts from third-party tools, and {% data variables.product.prodname_secret_scanning %} alerts for ignored directories and non-provider alerts are all omitted from these views. Consequently, the individual alert views may include a larger number of open and closed alerts.

{% endnote %}

{% endif %}
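Review bot: "high confidence alerts" is unhyphenated here but hyphenated as "high-confidence" in the other text this commit adds, and "alerts for ignored directories and non-provider alerts" reads as if non-provider alerts were a kind of alert "for" something; the export-page wording "alerts for non-provider patterns or for ignored directories" is clearer. Because the whole reusable is wrapped in `{% ifversion secret-scanning-non-provider-patterns %}`, pages on versions without that flag render nothing at the include point, which is acceptable for a note but worth stating in the reusable's name or a comment.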
19 changes: 19 additions & 0 deletions data/reusables/security-overview/settings-limitations.md
@@ -0,0 +1,19 @@
{% ifversion secret-scanning-non-provider-patterns %}
{% note %}

**Notes:**

- Enabling {% data variables.product.prodname_code_scanning %} will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.
- Enabling "Alerts" for {% data variables.product.prodname_secret_scanning %} enables high-confidence alerts . If you want to enable non-provider alerts, you need to edit the repository, organization, or enterprise settings. For more information about alert types, see "[Supported secrets](/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)."

{% endnote %}

{% elsif bulk-code-scanning-query-suite and not fpt %}

{% note %}

**Note:** For {% ifversion code-security-multi-repo-enablement %}both the single and multiple {% else %}the single {% endif %}repository enablement settings, enabling {% data variables.product.prodname_code_scanning %} will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.

{% endnote %}

{% endif %}
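Review bot: stray space before the period in "enables high-confidence alerts .". More substantively, the `{% elsif bulk-code-scanning-query-suite and not fpt %}` branch means that on versions with neither feature flag, and on fpt even with the second flag, no code scanning override warning is rendered, although the pages that now include this reusable previously showed that warning unconditionally (the multiple-repositories page) or under `bulk-code-scanning-query-suite` alone (the coverage page); consider dropping `and not fpt` or adding an `{% else %}` branch. The second bullet's "edit the repository, organization, or enterprise settings" would also help readers more if it pointed at where the non-provider toggle lives, since the linked "Supported secrets" section describes pattern types rather than settings.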
