Repo sync #39606

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged: 4 commits, Aug 1, 2025
4 changes: 3 additions & 1 deletion content/code-security/index.md
Expand Up @@ -5,11 +5,13 @@ intro: 'Build security into your {% data variables.product.github %} workflow to
redirect_from:
- /code-security/guides
introLinks:
overview: '{% ifversion ghes %}/code-security/getting-started/github-security-features{% endif %}'
generate_secret_risk_assessment_report_for_free: '{% ifversion secret-risk-assessment %}/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization#generating-an-initial-secret-risk-assessment{% endif %}'
featuredLinks:
startHere: # Links aimed at the builder audience
- /code-security/getting-started/github-security-features
- '{% ifversion fpt or ghec %}/code-security/getting-started/github-security-features{% endif %}'
- /code-security/getting-started/quickstart-for-securing-your-repository
- '{% ifversion ghes %}/code-security/secret-scanning/working-with-secret-scanning-and-push-protection{% endif %}'
- /code-security/getting-started/dependabot-quickstart-guide
- /code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning
guideCards:
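Review bot: the anchor `#generating-an-initial-secret-risk-assessment` in the new `generate_secret_risk_assessment_report_for_free` intro link is hard-coded, and the same anchor is hard-coded again in the Secret Protection trial guide elsewhere in this PR; renaming that heading on the viewing page would silently break both without a build error, so either confirm the heading text is stable or link both to the page without the fragment. On ghes this key renders as an empty string, exactly as `overview` now does on fpt and ghec, so the layout must already tolerate an empty `introLinks` value; worth a quick check of the rendered ghes landing page that no empty link slot appears.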
@@ -1,7 +1,10 @@
---
title: About secret scanning
intro: '{% data variables.product.github %} scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.'
product: '{% data reusables.gated-features.secret-scanning %}'
product: |
{% data reusables.gated-features.secret-scanning %}{% ifversion secret-risk-assessment %}
{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}
redirect_from:
- /github/administering-a-repository/about-token-scanning
- /articles/about-token-scanning
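Review bot: the `product: |` block scalar separates the gated-features text from the CTA with a bare newline, while the same CTA is appended with `<br>` in securing-your-organization/index.md, about-secret-risk-assessment.md and the exposure-to-leaked-secrets index in this PR. A single newline inside a literal scalar is a soft break in Markdown and may render the two sentences on one line, so pick one separator (`<br>` or the block scalar) and use it in all five places, including the identical block added to about-security-overview.md.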
Expand Down Expand Up @@ -30,7 +33,9 @@ shortTitle: Secret scanning

{% ifversion ghas-products %}{% ifversion secret-risk-assessment %}
> [!TIP]
> Regardless of the enablement status of {% data variables.product.prodname_AS %} features, organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets, see [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment).{% endif %}{% else %}{% endif %}
> Regardless of the enablement status of {% data variables.product.prodname_AS %} features, organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets.
>
> To generate a report, open {% data reusables.security-overview.navigate-to-risk-assessment %}.{% endif %}{% else %}{% endif %}
When a supported secret is leaked, {% data variables.product.github %} generates a {% data variables.product.prodname_secret_scanning %} alert. Alerts are reported on the **Security** tab of repositories on {% data variables.product.github %}, where you can view, evaluate, and resolve them. For more information, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning).

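Review bot: the rewritten tip drops this page's only link to the report's conceptual and how-to pages and replaces it with a click path, but generating the report is gated by the `permissions` frontmatter on the viewing page (`reusables.permissions.secret-risk-assessment-report-generation`, visible in that page's diff in this PR), so a reader without that role will follow the instructions and not find the **Scan your organization** button. Suggest keeping an AUTOTITLE link to the viewing page after the click path so the permission requirement stays one click away.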
2 changes: 1 addition & 1 deletion content/code-security/securing-your-organization/index.md
@@ -1,7 +1,7 @@
---
title: Securing your organization
shortTitle: Secure your organization
intro: 'Secure your organization at scale with {% data variables.product.company_short %}''s security products{% ifversion security-configurations %} through {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}{% endif %}.'
intro: 'Secure your organization at scale with {% data variables.product.company_short %}''s security products{% ifversion security-configurations %} through {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}{% endif %}.{% ifversion secret-risk-assessment %}<br>{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}'
versions:
fpt: '*'
ghec: '*'
Expand Up @@ -2,7 +2,7 @@
title: 'About the secret risk assessment'
shortTitle: 'Secret risk assessment'
intro: 'Learn why it''s so important to understand your organization''s exposure to data leaks and how the {% data variables.product.prodname_secret_risk_assessment %} report gives an overview of your organization’s secret leak footprint.'
product: '{% data reusables.gated-features.secret-risk-assessment-report %}'
product: '{% data reusables.gated-features.secret-risk-assessment-report %}<br>{% data variables.secret-scanning.secret-risk-assessment-cta-product %}'
allowTitleToDifferFromFilename: true
type: overview
versions:
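Review bot: the CTA appended to `product` here is not wrapped in `{% ifversion secret-risk-assessment %}`, unlike the same variable in about-secret-scanning.md, about-security-overview.md and about-github-advanced-security.md in this PR. That is only safe if this page's `versions` block (cut off just below) is restricted to `feature: secret-risk-assessment`, as the exposure-to-leaked-secrets index is; if the page also builds for a version without the report, the free-report CTA will render where the feature does not exist.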
Expand All @@ -19,7 +19,7 @@ topics:

Assessing your exposure to leaked secrets is crucial if you want to prevent:

* **Exploitation by bad actors**. Malicious actors can use leaked secrets such as API keys, passwords, and tokens to gain unauthorized access to systems, databases, and sensitive information. Leaked secrets can lead to data breaches, compromising user data and potentially causing significant financial and reputational damage. See industry examples and in-depth discussion in [Understanding your organization's exposure to secret leaks](https://resources.github.com/enterprise/understanding-secret-leak-exposure) in {% data variables.product.github %} Executive Insights.
* **Exploitation by bad actors**. Malicious actors can use leaked secrets such as API keys, passwords, and tokens to gain unauthorized access to systems, databases, and sensitive information. Leaked secrets can lead to data breaches, compromising user data and potentially causing significant financial and reputational damage.

* **Regulatory problems**. Many industries have strict regulatory requirements for data protection, and leaked secrets can result in non-compliance with regulations, leading to legal penalties and fines.

Expand All @@ -29,7 +29,7 @@ Assessing your exposure to leaked secrets is crucial if you want to prevent:

* **Costly fallout**. Addressing the fallout from leaked secrets can be costly, involving incident response efforts, security audits, and potential compensation for affected parties.

Regularly assessing your exposure to leaked secrets is good practice to help identify vulnerabilities, implement necessary security measures, and ensure that any compromised secrets are promptly rotated and invalidated.
Regularly assessing your exposure to leaked secrets is good practice to help identify vulnerabilities, implement necessary security measures, and ensure that any compromised secrets are promptly rotated and invalidated. See industry examples and in-depth discussion in [Understanding your organization's exposure to secret leaks](https://resources.github.com/enterprise/understanding-secret-leak-exposure) in {% data variables.product.github %} Executive Insights.

## About {% data variables.product.prodname_secret_risk_assessment %}

Expand Down Expand Up @@ -60,6 +60,6 @@ Because the {% data variables.product.prodname_secret_risk_assessment %} report

Now that you know about the {% data variables.product.prodname_secret_risk_assessment %} report, you may want to learn how to:

* Generate the report to see your organization risk. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization).
* Generate the report to see your organization risk. Navigate to {% data reusables.security-overview.navigate-to-risk-assessment %}.
* Interpret the results of the report. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/interpreting-secret-risk-assessment-results).
* Enable {% data variables.product.prodname_GH_secret_protection %} to improve your secret leak footprint. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/choosing-github-secret-protection#enabling-secret-protection).
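Review bot: "see your organization risk" should be "see your organization's risk" (the frontmatter intro on this page already uses "organization's"); and the click path now replaces the link to the viewing page, which is also where a reader learns who may generate the report and how to view one generated earlier. Consider "Navigate to {% data reusables.security-overview.navigate-to-risk-assessment %}. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization)." so the how-to page stays reachable from this next-steps list, matching the other two bullets, which each keep their link.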
Expand Up @@ -21,15 +21,17 @@ topics:

{% data reusables.secret-protection.product-list %}

In addition, {% data variables.product.prodname_secret_protection %} includes a free scanning feature, the **risk assessment** report, to help organizations understand their secret leak footprint across their {% data variables.product.github %} perimeter. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment).
In addition, {% data variables.product.prodname_secret_protection %} includes a free scanning feature, the **risk assessment** report, to help organizations understand their secret leak footprint across their {% data variables.product.github %} perimeter.

To generate a {% data variables.product.prodname_secret_risk_assessment %} report, navigate to {% data reusables.security-overview.navigate-to-risk-assessment %}.

{% data variables.product.prodname_secret_protection %} is billed per active committer to the repositories where it is enabled. It is available to users with a {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %} plan, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security).

## Why you should enable {% data variables.product.prodname_secret_protection %} for 100% of your organization's repositories

{% data variables.product.github %} recommends enabling {% data variables.product.prodname_GH_secret_protection %} products for all repositories, in order to protect your organization from the risk of secret leaks and exposures. {% data variables.product.prodname_GH_secret_protection %} is free to enable for public repositories, and available as a purchasable add-on for private and internal repositories.

* {% data reusables.secret-risk-assessment.what-is-scanned %}. See [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning)
* {% data reusables.secret-risk-assessment.what-is-scanned %}. See [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning).

* The {% data variables.product.prodname_secret_risk_assessment %} and {% data variables.product.prodname_secret_scanning %} _scan code that has already been committed_ into your repositories. With **push protection**, your code is scanned for secrets _before_ commits are saved on {% data variables.product.github %}, during the push process, and the push is blocked if any secrets are detected. See [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection).

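Review bot: "Secret Protection includes a free scanning feature" sits a few lines above "available as a purchasable add-on for private and internal repositories" and reads as if the report comes with the purchase, whereas the tip in about-secret-scanning.md and the GHAS overview in this PR say Team and Enterprise organizations can run it regardless of enablement status, and the gated-features reusable now says "available for free in organizations on Team and Enterprise". Suggest rewording the first sentence along those lines (for example "Organizations on Team and Enterprise can also run a free risk assessment report, with or without Secret Protection enabled, ...") so the three pages agree; the new click-path sentence that follows it is fine.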
@@ -1,7 +1,7 @@
---
title: 'Understanding your organization''s exposure to leaked secrets'
shortTitle: Exposure to leaked secrets
intro: 'You can generate a secret risk assessment report to evaluate the extent of your organization''s vulnerability to leaked secrets. Decide whether to enable {% data variables.product.prodname_secret_protection %} to protect your organization from further leaks.'
intro: 'You can generate a secret risk assessment report to evaluate the extent of your organization''s vulnerability to leaked secrets. Decide whether to enable {% data variables.product.prodname_secret_protection %} to protect your organization from further leaks.<br>{% data variables.secret-scanning.secret-risk-assessment-cta-product %}'
versions:
feature: secret-risk-assessment
topics:
Expand Up @@ -2,6 +2,7 @@
title: 'Viewing the secret risk assessment report for your organization'
shortTitle: 'View secret risk assessment'
intro: 'You can generate and view the {% data variables.product.prodname_secret_risk_assessment %} report for your organization from the "Security" tab.'
product: '{% data reusables.gated-features.secret-risk-assessment-report %}'
permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
allowTitleToDifferFromFilename: true
type: how_to
@@ -1,7 +1,10 @@
---
title: About security overview
intro: 'You can gain insights into the overall security landscape of your organization or enterprise and identify repositories that require intervention using security overview.'
product: '{% data reusables.gated-features.security-overview-general %}'
product: |
{% data reusables.gated-features.security-overview-general %}{% ifversion secret-risk-assessment %}
{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}
redirect_from:
- /code-security/security-overview/exploring-security-alerts
- /code-security/security-overview/about-the-security-overview
Expand Up @@ -22,6 +22,8 @@ This guide assumes that you have planned and started a trial of {% data variable
* Control and audit the bypass process for push protection and {% data variables.secret-scanning.alerts %}.
* Enable validity checks for exposed tokens.

To find out how to run a free secret risk assessment, see [Generating an initial secret risk assessment](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization#generating-an-initial-secret-risk-assessment).

If you have already scanned the code in your organization for leaked secrets using the free secret risk assessment, you will also want to explore that data more completely using the additional views on the **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security** tab for the organization.

For full details of the features available, see [{% data variables.product.prodname_GH_secret_protection %}](/get-started/learning-about-github/about-github-advanced-security#github-secret-protection).
Expand Up @@ -130,7 +130,9 @@ A {% data variables.product.prodname_GHAS %} license provides the following addi

## Run an assessment of your organization's exposure to secret leaks

Organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets. This can help you understand the current exposure of repositories in your organization to leaked secrets, as well as help you see how many existing secret leaks could have been prevented by {% data variables.product.prodname_GH_secret_protection %}. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment).{% endif %}{% else %}{% endif %}
{% ifversion secret-risk-assessment %}{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}

Organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets. This can help you understand the current exposure of repositories in your organization to leaked secrets, as well as help you see how many existing secret leaks could have been prevented by {% data variables.product.prodname_GH_secret_protection %}.{% endif %}{% else %}{% endif %}

## Deploying {% ifversion ghas-products %}{% data variables.product.prodname_GH_code_security %} and {% data variables.product.prodname_GH_secret_protection %}{% else %}{% data variables.product.prodname_GHAS %} in your enterprise{% endif %}

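Review bot: the `{% ifversion secret-risk-assessment %}` guard around the CTA on the new line looks redundant: the `{% endif %}{% else %}{% endif %}` tail on the following paragraph is the same nested-conditional closer as the tip in about-secret-scanning.md, which opens with `{% ifversion ghas-products %}{% ifversion secret-risk-assessment %}`, so this section already sits inside that condition. More importantly, the paragraph no longer links anywhere: the AUTOTITLE to about-secret-risk-assessment was removed, and the variable `secret-scanning.secret-risk-assessment-cta-product` is not part of this diff, so confirm that its text carries the click path or a link; otherwise the "Run an assessment" section tells the reader what they can do without how to do it.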
Expand Up @@ -90,10 +90,6 @@ To grant the migrator role using the CLI, you must have installed the {% data va

{% data reusables.enterprise-migration-tool.identifying-githubs-ip-ranges %}

### Virtual network firewall rules for Azure Blob Storage for {% data variables.product.prodname_dotcom_the_website %}

{% data reusables.enterprise-migration-tool.identify-gei-vnet-firewall-rules %}

### IP ranges for {% data variables.enterprise.data_residency_site %}

{% data reusables.enterprise-migration-tool.ip-ranges-ghecom %}
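Review bot: the "Virtual network firewall rules for Azure Blob Storage for GitHub.com" subsection is removed with no replacement, yet the reusable it included (`identify-gei-vnet-firewall-rules`) is still being edited in this same PR. If the requirement still holds, a customer whose storage account has virtual network rules loses the only instruction to allow GEI's subnets and the migration fails on storage access instead of on a documented step; if it no longer holds, the reusable should be deleted as well, or a comment in it should name where it is still included. Please state which case applies in the PR description.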
@@ -1,6 +1,6 @@
Customers with Azure Blob Storage configured for storing repository data for migrations must add virtual network firewall rules to their storage accounts to allow GEI to access the repository data. This requires the use of the Azure CLI or PowerShell, as adding these virtual network firewall rules on the Azure Portal is currently unsupported. The following virtual network subnet IDs must be added to the virtual network firewall rules for your storage account:

* `/subscriptions/495e10ff-6097-4190-a1de-b031fcb96f66/resourceGroups/ghr-network-service-4c5846fa-dc07-4153-8d08-a16a9b437a5a-3-eastus2/providers/Microsoft.Network/virtualNetworks/4c5846fa-dc07-4153-8d08-a16a9b437a5a-3/subnets/4c5846fa-dc07-4153-8d08-a16a9b437a5a-3`
* `/subscriptions/d3bde7c9-46be-429b-81a8-258387be6dde/resourceGroups/ghr-network-service-4c5846fa-dc07-4153-8d08-a16a9b437a5a-3-westus3/providers/Microsoft.Network/virtualNetworks/4c5846fa-dc07-4153-8d08-a16a9b437a5a-3/subnets/4c5846fa-dc07-4153-8d08-a16a9b437a5a-3`
* `/subscriptions/cdf1c65c-e6f4-43b3-945f-c5280f104f9c/resourceGroups/ghr-network-service-1a72ec6f-45b6-44be-a4bd-f0fe50079c9f-5-westus2/providers/Microsoft.Network/virtualNetworks/1a72ec6f-45b6-44be-a4bd-f0fe50079c9f-5/subnets/1a72ec6f-45b6-44be-a4bd-f0fe50079c9f-5`
* `/subscriptions/173ad082-b20d-4d44-8257-7fbf34959bed/resourceGroups/ghr-network-service-1a72ec6f-45b6-44be-a4bd-f0fe50079c9f-5-westus3/providers/Microsoft.Network/virtualNetworks/1a72ec6f-45b6-44be-a4bd-f0fe50079c9f-5/subnets/1a72ec6f-45b6-44be-a4bd-f0fe50079c9f-5`

To add the virtual network firewall rules to your Azure Storage account, you can follow step 5 in the documentation for [creating a virtual network rule for Azure Storage](https://learn.microsoft.com/azure/storage/common/storage-network-security-virtual-networks?tabs=azure-cli) using the network subnet IDs provided above. Be sure to provide the `--subscription` argument with the subscription ID tied to the storage account.
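Review bot: the procedure says to add the subnet rules but never to remove them, and a virtual network rule pointing at subnets in another party's subscriptions is a standing allow on the customer's storage account; add a sentence telling customers to delete these rules once the migration completes (`az storage account network-rule remove` with the same `--subnet` and `--subscription` arguments as the `add` step they followed). Also, because the rendered view does not show which bullet changed, name the replaced subnet ID in the PR description so customers who already added rules from the previous version know which one to re-check.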
@@ -1 +1 @@
{% data variables.product.prodname_secret_risk_assessment_caps %} is available for free for organization-owned repositories on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %}
{% data variables.product.prodname_secret_risk_assessment_caps %} is available for free in organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %}
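Review bot: the reworded sentence still has no terminal period, while the security-overview-general reusable in this PR ends with one, and both are rendered in the same `product` slot (this one followed by `<br>` and the CTA in about-secret-risk-assessment.md); add the period here or drop it there so the concatenated product line is consistent.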
10 changes: 4 additions & 6 deletions data/reusables/gated-features/security-overview-general.md
@@ -1,10 +1,8 @@
{% data variables.product.prodname_secret_risk_assessment_caps %} is available for all organizations owned by {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %}. Additional views are available for:
Security overview is available for all organizations owned by {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %} that have run {% data variables.product.prodname_secret_risk_assessment_caps %}.

{% ifversion fpt %}
Additional views are available for {% ifversion ghec %}enterprises and their organizations.{% elsif ghes %}organizations.

{% elsif fpt %}
* Organizations owned by a {% data variables.product.prodname_team %} account with {% data variables.product.prodname_GH_cs_or_sp %}
* Organizations owned by a {% data variables.product.prodname_enterprise %} account
{% elsif ghec %}
* Enterprises and their organizations
{% elsif ghes %}
* Organizations
{% endif %}
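Review bot: the new first sentence makes security overview conditional on having run secret risk assessment, but it is not wrapped in `{% ifversion secret-risk-assessment %}` even though the reusable has a `ghes` branch and every other mention of the report in this PR is guarded by that feature flag; on a version without the report the sentence describes a prerequisite that cannot be met. Separately, in the `fpt` branch "Additional views are available for" runs straight into the bullet list with neither the colon the removed text had ("Additional views are available for:") nor a blank line before the list, so the sentence reads as unfinished; restore the colon and the blank line in that branch.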
@@ -0,0 +1 @@
the **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security** tab for your organization, display the **{% octicon "key" aria-hidden="true" aria-label="key" %} Assessments** page, then click **Scan your organization**
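Review bot: this fragment duplicates the click path that `open-assessments-view.md` (also touched in this PR) expresses as a numbered step, and it hard-codes the button label **Scan your organization** in a third place; if the Assessments page or the button is renamed, the two reusables and the viewing page will drift. Suggest composing this fragment from `open-assessments-view`, or at least adding a comment at the top of each pointing at the other. Note also that the fragment starts with "the **Security** tab", so every call site must precede it with a verb such as "open" or "navigate to", as the three call sites in this PR do.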
2 changes: 1 addition & 1 deletion data/reusables/security-overview/open-assessments-view.md
@@ -1 +1 @@
1. In the sidebar, under "Security", click **Assessments**.
1. In the sidebar, under "Security", click **{% octicon "key" aria-hidden="true" aria-label="key" %} Assessments**.