Risk and coverage views on the Code Security tab for enterprises (public beta)

Building upon the success of our organization-level security coverage and risk views, today we’re introducing enterprise-level views to offer enhanced visibility into your enterprise’s security coverage and risk analysis. The refreshed design provides you with an improved user experience with insights and dynamic filtering to maximize your productivity.

Coverage view

The coverage view allows you to gain visibility into the enablement status of security features across all repositories within your enterprise. Within the coverage view, you can:

  • Monitor the counts and percentages of repositories with GitHub security features enabled or disabled, which update when you apply filters.
  • Track enablement for additional security features, including secret scanning push protection, Dependabot security updates, and code scanning pull request alerts.

[Image: Enterprise-level security coverage]

Risk view

Complementing the coverage view, the new risk view provides a comprehensive overview of all alerts across your enterprise. In the risk view, you can:

  • View the counts and percentages of repositories with security vulnerabilities, which also update when you apply filters.
  • Access open alerts categorized by severity for both Dependabot and code scanning.

[Image: Enterprise-level security risk]

Both views are now available as a public beta. In the next few weeks, we will deprecate the enterprise-level overview page in favor of these two new views.

Learn more about the new risk and coverage views and send us your feedback

Learn more about GitHub Advanced Security

Organization administrators can now specify the maximum number of organization-billed codespaces that any member of the organization, or collaborator, can create.

By default, without this new policy, if organization members or collaborators are permitted to create codespaces that are billable to your organization, they can create multiple such codespaces. The number of codespaces someone can create is governed by a limit to the total number of codespaces that they can create across all repositories they can access. This limit is set by GitHub. With this new policy, you can now control the maximum number of organization-owned codespaces someone can create.

When this policy is applied to an organization, members or collaborators who meet or exceed this limit will be unable to create new codespaces that are billed to the organization. In order to create a new organization-billed codespace, they must first delete existing codespaces owned by the organization to get below the specified limit. The maximum codespaces policy does not impact user-billed codespaces, or codespaces created on repositories that are not owned by the organization. The policy must be applied across the entire organization, and cannot target specific repositories.

This policy, especially when combined with the existing retention period and idle timeout policies, provides organization administrators new ways to control cost within their organization, while encouraging best practices around cleaning up codespaces that are no longer in use.

To get started, review the documentation for how to apply a maximum codespaces per user policy within your organization.


You can now archive all repositories in an organization with a single click. Archiving an organization will:

  • Archive all repositories in the organization
  • Set a key in the API to indicate the org has been archived
  • Restrict activities in that organization such as creating new repos
  • Display a banner on the organization's profile indicating that it's been archived

To archive an organization, go to the organization's settings page and click the "Archive organization" button in the Danger Zone. This will launch a background job which performs the archiving; once complete, the banner will show up on the organization's profile page.

For more information on organization archiving, including how to un-archive an organization, see "Archiving an organization".

This feature is in public beta. We'd love to hear your feedback on how it works for you.
