Add content for "Security overview CSV export" (#41269)

Co-authored-by: Kelly Arwine <[email protected]>
Co-authored-by: SiaraMist <[email protected]>

content/code-security/security-overview/about-security-overview.md

@@ -35,7 +35,11 @@ Security overview shows which security features are enabled for repositories, an
 - Risk and coverage information about {% data variables.product.prodname_dependabot %} features and alerts is shown for all repositories.
 - Risk and coverage information for {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, is shown for enterprises that use {% data variables.product.prodname_GH_advanced_security %}{% ifversion ghec %} and for public repositories{% endif %}.
 
-For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts#dependabot-alerts-for-vulnerable-dependencies) and "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
+For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts#dependabot-alerts-for-vulnerable-dependencies)" and "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
+
+{% ifversion security-overview-export-data %}
+{% data reusables.security-overview.download-csv-files %} For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-the-risk-and-coverage-pages)."
+{% endif %}
 
 The views are interactive with filters that allow you to look at the aggregated data in detail and identify sources of high risk or low feature coverage. As you apply multiple filters to focus on narrower areas of interest, all data and metrics across the view change to reflect your current selection. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
 

content/code-security/security-overview/assessing-adoption-code-security.md

@@ -24,6 +24,10 @@ You can use security overview to see which repositories and teams have already e
 
 ![Screenshot of the header section of the "Security coverage" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "enabled" and "not enabled" links, "Teams" selector, and search field.](/assets/images/help/security-overview/security-coverage-view-summary.png)
 
+{% ifversion security-overview-export-data %}
+You can download a CSV file of the data displayed on the "Security coverage" page. This data file can be used for efforts like security research and in-depth data analysis, and can integrate easily with external datasets. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-the-risk-and-coverage-pages)."
+{% endif %}
+
 ## Viewing the enablement of code security features for an organization
 
 {% data reusables.security-overview.information-varies-GHAS %}

content/code-security/security-overview/assessing-code-security-risk.md

@@ -32,6 +32,10 @@ You can use security overview to see which repositories and teams are free from
 
 ![Screenshot of the header section of the "Security risk" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "affected"/"unaffected" links, "Teams" selector, and search field.](/assets/images/help/security-overview/security-risk-view-summary.png)
 
+{% ifversion security-overview-export-data %}
+You can download a CSV file of the data displayed on the "Security risk" page. This data file can be used for efforts like security research and in-depth data analysis, and can integrate easily with external datasets. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-the-risk-and-coverage-pages)."
+{% endif %}
+
 {% note %}
 
 **Note:** It's important to understand that all repositories without open alerts are included in the set of unaffected repositories. That is, unaffected repositories include any repositories where the feature is not enabled, in addition to repositories that have been scanned and any alerts identified have been closed.

content/code-security/security-overview/exporting-data-from-the-risk-and-coverage-pages.md

@@ -0,0 +1,38 @@
+---
+title: Exporting data from the risk and coverage pages
+shortTitle: Export data
+intro: You can export CSV files of your risk and coverage data from security overview.
+permissions: '{% data reusables.security-overview.permissions %}'
+product: '{% data reusables.gated-features.security-overview %}'
+versions:
+  feature: security-overview-export-data
+type: how_to
+topics:
+  - Security overview
+  - Advanced Security
+  - Alerts
+  - Organizations
+  - Teams
+---
+
+## About exporting your risk and coverage data
+
+{% data reusables.security-overview.download-csv-files %}
+
+The CSV file you download will contain data corresponding to the filters you have applied to security overview. For example, if you add the filter `dependabot-alerts:enabled`, your file will only contain data for repositories that have enabled {% data variables.product.prodname_dependabot_alerts %}.
+
+{% note %}
+
+**Note:** You can only export data for the first 20 teams in your organization. These 20 teams correspond with the first 20 teams visible in the **Teams** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu on security overview.
+
+{% endnote %}
+
+## Exporting risk or coverage data from your organization's security overview
+
+{% data reusables.profile.access_org %}
+1. In the "Organizations" section, select the organization for which you would like to download risk and/or coverage data.
+{% data reusables.organizations.security-overview %} By default, you will see the risk page of your organization's security overview.
+1. If you would instead like to download coverage data for your organization, in the "Security" sidebar, click {% octicon "meter" aria-hidden="true" %} **Coverage**.
+1. Next to the search bar, click {% octicon "download" aria-hidden="true" %} **Export CSV**.
+
+    It may take a moment for {% data variables.product.product_name %} to generate the CSV file of your data. Once the CSV file generates, the file will automatically start downloading, and a banner will appear confirming your report is ready.

content/code-security/security-overview/index.md

@@ -18,5 +18,6 @@ children:
   - /assessing-code-security-risk
   - /filtering-alerts-in-security-overview
   - /enabling-security-features-for-multiple-repositories
+  - /exporting-data-from-the-risk-and-coverage-pages
   - /viewing-metrics-for-secret-scanning-push-protection-in-your-organization
 ---

data/features/security-overview-export-data.yml

@@ -0,0 +1,5 @@
+# Reference: #11417
+# Documentation for the ability to download CSV files of data from the risk and coverage pages of security overview.
+versions:
+  ghec: '*'
+  ghes: '>3.11'

data/reusables/profile/access_org.md

@@ -1,3 +1,3 @@
-1. In the top right corner of {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom_the_website %}{% else %}{% data variables.product.product_name %}{% endif %}, click your profile photo, then click **Your organizations**.
+1. In the top right corner of {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom_the_website %}{% else %}{% data variables.product.product_name %}{% endif %}, click your profile photo, then click{% ifversion fpt or ghec %} {% octicon "organization" aria-hidden="true" %}{% endif %} **Your organizations**.
 
    ![Screenshot of the dropdown menu under @octocat's profile picture. "Your organizations" is outlined in dark orange.](/assets/images/help/profile/your-organizations.png)

data/reusables/security-overview/download-csv-files.md

@@ -0,0 +1 @@
+You can download CSV files containing data from the risk and coverage pages of security overview. These files can be used for efforts like security research and in-depth data analysis, and can integrate easily with external datasets.