Release

Delegated alert dismissal for code scanning and secret scanning now available in public preview

Keep control over the security posture of your organization with delegated alert dismissal. With this feature, you can require a review process before alerts are dismissed in code scanning and secret scanning. This helps you manage security risk better, as well as meet audit and compliance requirements.

While this feature adds oversight and control, organizations should carefully balance security needs with development velocity. Things to consider include:

  • Who can close alerts
  • When and how alerts should be closed
  • Who should review and approve dismissal requests

This feature can be configured and managed at scale using security configurations or at the repository level.

Each dismissal request requires a mandatory comment explaining the rationale, and email notifications are sent to both approvers and requesters throughout the process. If a request is rejected, the alert remains open.

People with the organization owner or security manager role can review and approve dismissal requests by default. The state of previously dismissed alerts does not change when enabling this feature.

The dismissal and approval process is visible on the alert timeline, included in the audit log, and accessible through both the REST API and webhooks.

You can enable this feature today for code scanning and secret scanning in GitHub Enterprise Cloud. It will also be available in version 3.17 of GitHub Enterprise Server.
