[2023-07-31]: Secret scanning metrics for push protection at the org …

…level - [Public Beta] #9141 (#39445) Co-authored-by: github-actions <[email protected]>
github · Jul 31, 2023 · 7f9ea84 · 7f9ea84
1 parent 1ffee22
commit 7f9ea84
Show file tree

Hide file tree

Showing 6 changed files with 59 additions and 1 deletion.
diff --git a/assets/images/help/security-overview/security-overview-secret-scanning-metrics.png b/assets/images/help/security-overview/security-overview-secret-scanning-metrics.png
diff --git a/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md b/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md
@@ -27,7 +27,11 @@ If a contributor bypasses a push protection block for a secret, {% data variable
 - adds the bypass event to the audit log.{% ifversion secret-scanning-push-protection-email %}
 - sends an email alert to organization or personal account owners, security managers, and repository administrators who are watching the repository, with a link to the secret and the reason why it was allowed.{% endif %}
 
-You can monitor security alerts to discover when users are bypassing push protections and creating alerts. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)".
+You can monitor security alerts to discover when users are bypassing push protections and creating alerts. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)."
+
+{% ifversion security-overview-push-protection-metrics-page %}
+If you are an organization owner or security manager, you can view metrics on how push protection is performing across your organization. For more information, see "[AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization)."
+{% endif %}
 
 {% data reusables.secret-scanning.bypass-reasons-and-alerts %}
 

diff --git a/content/code-security/security-overview/index.md b/content/code-security/security-overview/index.md
@@ -17,4 +17,5 @@ children:
   - /assessing-code-security-risk
   - /filtering-alerts-in-security-overview
   - /enabling-security-features-for-multiple-repositories
+  - /viewing-metrics-for-secret-scanning-push-protection-in-your-organization
 ---
diff --git a/...iew/viewing-metrics-for-secret-scanning-push-protection-in-your-organization.md b/...iew/viewing-metrics-for-secret-scanning-push-protection-in-your-organization.md
@@ -0,0 +1,42 @@
+---
+title: Viewing metrics for secret scanning push protection in your organization
+shortTitle: View secret scanning metrics
+allowTitleToDifferFromFilename: true
+intro: 'You can use security overview to see how {% data variables.product.prodname_secret_scanning %} push protection is performing in repositories across your organization, and to identify repositories where you may need to take action.'
+permissions: '{% data reusables.security-overview.permissions %}'
+product: '{% data reusables.gated-features.security-overview %}'
+type: how_to
+topics:
+  - Security overview
+  - Advanced Security
+  - Secret scanning
+  - Organizations
+  - Teams
+versions:
+  feature: security-overview-push-protection-metrics-page
+---
+
+{% data reusables.secret-scanning.push-protection-org-metrics-beta %}
+
+## About metrics for {% data variables.product.prodname_secret_scanning %} push protection
+
+If you are an organization owner or security manager, the metrics overview for {% data variables.product.prodname_secret_scanning %} push protection helps you to understand how well you are preventing security leaks in your organization. You can use the metrics to assess how push protection is performing, and to easily identify the repositories where you may need to take action in order to prevent leaks of sensitive information.
+
+The overview shows you a summary of how many pushes containing secrets have been successfully blocked across your organization by push protection, as well as how many times push protection was bypassed.
+
+You can also find more granular metrics, such as:
+- the secret types that have been blocked or bypassed the most
+- the repositories that have had the most pushes blocked
+- the repositories that are bypassing push protection the most
+- the percentage distribution of reasons that users give when they bypass the protection
+
+The metrics are based on activity from the last 30 days.
+
+![Screenshot of the top section of the "Metrics" view for secret scanning on the "Security" tab for an organization.](/assets/images/help/security-overview/security-overview-secret-scanning-metrics.png)
+
+## Viewing metrics for {% data variables.product.prodname_secret_scanning %} push protection
+
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.security-overview %}
+1. In the sidebar, under "Metrics", click **{% octicon "graph" aria-hidden="true"  %} {% data variables.product.prodname_secret_scanning_caps %}**.
+1. Click on an individual secret type or repository to see the associated {% data variables.secret-scanning.alerts %} for your organization.
diff --git a/data/features/security-overview-push-protection-metrics-page.yml b/data/features/security-overview-push-protection-metrics-page.yml
@@ -0,0 +1,5 @@
+# Reference: #9141.
+# Security overview - secret scanning push protection metrics
+versions:
+  ghec: '*'
+  ghes: '> 3.10'
diff --git a/data/reusables/secret-scanning/push-protection-org-metrics-beta.md b/data/reusables/secret-scanning/push-protection-org-metrics-beta.md
@@ -0,0 +1,6 @@
+
+{% note %}
+
+**Note:** {% data variables.product.prodname_secret_scanning_caps %} metrics for push protection is currently in beta and subject to change.
+
+{% endnote %}