組織のシークレット リスク評価の実行

secret risk assessment レポートを生成して、漏洩したシークレットに対する組織の露出を特定します。

この機能を使用できるユーザーについて

Organization の所有者とセキュリティ マネージャー

GitHub Team および GitHub Enterprise の組織は無料

この記事の内容

Generating an initial secret risk assessment

  1. On GitHub, navigate to the main page of the organization.

  2. Under your organization name, click Security.

    Screenshot of the horizontal navigation bar for an organization. A tab, labeled with a shield icon and "Security," is outlined in dark orange.

  3. In the sidebar, under "Security", click Assessments.

  4. To generate the secret risk assessment, click Scan your organization.

    If you're an organization owner and you've opted in for email notifications, GitHub will send you an email to let you know when the report is ready to view.

Rerunning the secret risk assessment

メモ

You can only generate a secret risk assessment report once every 90 days.

  1. On GitHub, navigate to the main page of the organization.

  2. Under your organization name, click Security.

    Screenshot of the horizontal navigation bar for an organization. A tab, labeled with a shield icon and "Security," is outlined in dark orange.

  3. In the sidebar, under "Security", click Assessments.

  4. Towards the top right side of the existing report, click .

  5. Select Rerun scan.

    If you're an organization owner and you've opted in for email notifications, GitHub will send you an email to let you know when the report is ready to view.

Next steps

Now that you've generated a secret risk assessment report for your organization, learn how to interpret the results. See Interpreting secret risk assessment results.