Skip to main content

Managing alerts from secret scanning

Learn how to find, evaluate, and resolve alerts for secrets stored in your repository.

Who can use this feature?

Secret scanning is available for the following repositories:

  • Organization-owned repositories with GitHub Advanced Security enabled
  • User-owned repositories for an enterprise with GitHub Advanced Security enabled

About secret scanning alerts

Learn about the different types of secret scanning alerts.

Viewing and filtering alerts from secret scanning

Learn how to find and filter secret scanning alerts for your repository.

Evaluating alerts from secret scanning

Learn about additional features that can help you evaluate alerts and prioritize their remediation, such as checking a secret's validity.

Resolving alerts from secret scanning

After reviewing the details of a secret scanning alert, you should fix and then close the alert.

Monitoring alerts from secret scanning

Learn how and when GitHub Enterprise Server will notify you about a secret scanning alert.