Delegated alert dismissal allows you to require a review process before dismissing a secret scanning alert. Previously, only organization owners and security managers had permission to review these requests. Now you can assign the “Review and manage secret scanning alert dismissal requests” permission to custom roles at the organization level. This makes it easier to delegate alert review responsibilities to the right people in your organization.

Individuals assigned custom roles will only see requests for repositories that they have access to.

Support for programmatic actors using this permission will be available in the coming weeks.

To learn more about secret scanning alert dismissal requests, see our documentation.