title: Assessing the security risk of your code
shortTitle: Assess security risk of code
allowTitleToDifferFromFilename: true
intro: >-
You can use security overview to see which teams and repositories are affected
by security alerts, and identify repositories for urgent remedial action.
permissions: '{% data reusables.permissions.security-overview %}'
product: '{% data reusables.gated-features.security-overview-fpt-both %}'
type: how_to
topics:
- Security overview
- Code Security
- Secret Protection
- Alerts
- Organizations
- Teams
versions:
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/security-overview/viewing-the-security-overview
Exploring the security risks in your code
You can use the different views on your Security tab to explore the security risks in your code.
- Overview: use to explore trends in Detection, Remediation, and Prevention of security alerts.
- Risk: use to explore the current state of repositories, across all alert types.{% ifversion secret-risk-assessment %}
- Assessments: use to explore the current state of repositories, for secret leaks specifically{% endif %}
- Alerts views: use to explore {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, or {% data variables.product.prodname_secret_scanning %} alerts in greater detail.
These views provide you with the data and filters to:
- Assess the landscape of security risk of code stored in all your repositories.
- Identify the highest impact vulnerabilities to address.
- Monitor your progress in remediating potential vulnerabilities.{% ifversion secret-risk-assessment %}
- Understand how your organization is affected by secret leaks and exposures.{% endif %}{% ifversion security-overview-export-data %}
- Export your current selection of data for further analysis and reporting. {% endif %}
For information about the Overview, see AUTOTITLE.
Viewing organization-level security risks in code
{% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.security-overview %} {% data reusables.security-overview.open-security-risk-view %} {% data reusables.code-scanning.using-security-overview-risk %}
{% data reusables.security-overview.unaffected-repositories %}
{% data reusables.organizations.security-overview-feature-specific-page %} {% ifversion security-overview-export-data %}
- Optionally, use the {% octicon "download" aria-hidden="true" aria-label="download" %} Export CSV button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see AUTOTITLE. {% endif %}
{% data reusables.security-overview.alert-differences %}
Viewing enterprise-level security risks in code
You can view data for security alerts across organizations in an enterprise.
{% data reusables.security-overview.enterprise-filters-tip %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %} {% data reusables.code-scanning.click-code-security-enterprise %}
To display the "Security risk" view, in the sidebar, click {% octicon "shield" aria-hidden="true" aria-label="shield" %} Risk. {% data reusables.code-scanning.using-security-overview-risk %}
{% data reusables.security-overview.unaffected-repositories %}
{% data reusables.organizations.security-overview-feature-specific-page %}{% ifversion security-overview-export-data %}
- Optionally, use the {% octicon "download" aria-hidden="true" aria-label="download" %} Export CSV button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see AUTOTITLE. {% endif %}
{% data reusables.security-overview.alert-differences %}
{% ifversion security-campaigns %}
Next steps
When you have assessed your security risks, you are ready to create a security campaign to collaborate with developers to remediate alerts. For information about fixing security alerts at scale, see AUTOTITLE and AUTOTITLE. {% endif %}