Reviewing alert dismissal requests

Triage and resolve security alerts in your organization or enterprise by regularly reviewing alert dismissal requests.

Wer kann dieses Feature verwenden?

Zugriff erfordert:

  • Organisationsansichten: Schreibzugriff auf Repositorys in der Organisation
  • Enterprise-Ansichten: Organisationsbesitzerinnen und Sicherheitsmanagerinnen

Organizations or enterprises with GitHub Secret Protection, GitHub Code Security, or GitHub Advanced Security

In diesem Artikel

Prerequisites

To receive and manage alert dismissal requests, you need to enable delegated alert dismissal. For an introduction to delegated alert dismissal and enablement instructions for specific features, see:

Reviewing requests for an organization

  1. Navigieren Sie auf GitHub zur Hauptseite der Organisation.

  2. Klicke unter deinem Organisationsnamen auf Security.

    Screenshot: Horizontale Navigationsleiste für eine Organisation. Eine Registerkarte mit einem Schildsymbol und der Bezeichnung „Sicherheit“ ist durch eine dunkelorange Umrandung hervorgehoben.

  3. In the "Requests" section of the sidebar, click any of the following options to review alert dismissal requests for the relevant feature:

    • Secret scanning alert dismissal
    • Code scanning alert dismissal
    • Dependabot alert dismissal

  4. Optionally, to filter requests by source repository, reviewer, requester, timeframe, or status, use the dropdown menus at the top of the list of requests.

  5. Click the request you want to review.

  6. Read the contents of the alert, as well as the requester's reasoning for the dismissal request.

  7. Next to the dismissal request in the alert timeline, click Review request.

  8. Provide any comments for the requester in the text box, then select either Deny request or Approve request.

  9. Click Submit review.

Reviewing requests across your enterprise

Hinweis

To review an alert dismissal request at the enterprise level, you must be an organization owner or security manager for the source organization, or be granted the necessary permissions through a custom role.

  1. Klicke auf GitHub in der oberen rechten Ecke auf dein Profilbild.
  2. Klicken Sie je nach Ihrer Umgebung auf "Enterprise", oder klicken Sie auf " Unternehmen ", und klicken Sie dann auf das Unternehmen, das Sie anzeigen möchten.
  3. Klicke oben auf der Seite auf Security.
  4. In the "Requests" section of the sidebar, click any of the following options to review alert dismissal requests for the relevant feature:
    • Secret scanning alert dismissal
    • Code scanning alert dismissal
    • Dependabot alert dismissal
  5. Optionally, to filter requests by source organization, reviewer, requester, timeframe, or status, use the dropdown menus at the top of the list of requests.
  6. Click the request you want to review.
  7. Read the contents of the alert, as well as the requester's reasoning for the dismissal request.
  8. Next to the dismissal request in the alert timeline, click Review request.
  9. Provide any comments for the requester in the text box, then select either Deny request or Approve request.
  10. Click Submit review.