Commit

Simplify permissions and product statements for scannability in Security Overview articles (#52681)

Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
felicitymay and subatoi authored Oct 16, 2024
1 parent 49e0188 commit b11a0f6
Showing 13 changed files with 35 additions and 44 deletions.
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
---
title: About security overview
intro: 'You can gain insights into the overall security landscape of your organization or enterprise and identify repositories that require intervention using security overview.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
redirect_from:
- /code-security/security-overview/exploring-security-alerts
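Review bot: with one line dropped and none added, either `permissions:` or `product:` survives in this front matter, and both still reference the old reusables. The other articles in this commit move to `reusables.permissions.security-overview`; if `permissions:` is the line kept here, point it at the new reusable too, or confirm that `reusables.security-overview.permissions` is intentionally retained for this article.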
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ title: Assessing adoption of code security features
shortTitle: Assess adoption of features
allowTitleToDifferFromFilename: true
intro: 'You can use security overview to see which teams and repositories have already enabled code security features, and identify any that are not yet protected.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
type: how_to
topics:
- Security overview
Expand All @@ -22,7 +21,7 @@ versions:

You can use security overview to see which repositories and teams have already enabled each code security feature, and where people need more encouragement to adopt these features. The "Security coverage" view shows a summary and detailed information on feature enablement for an organization. You can filter the view to show a subset of repositories using the "enabled" and "not enabled" links, the "Teams" dropdown menu, and a search field in the page header.

![Screenshot of the header section of the "Security coverage" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "enabled" and "not enabled" links, "Teams" selector, and search field.](/assets/images/help/security-overview/security-coverage-view-summary.png)
![Screenshot of the header section of the "Security coverage" view on the "Security" tab for an organization.](/assets/images/help/security-overview/security-coverage-view-summary.png)

>[!NOTE] "Pull request alerts" are reported as enabled only when {% data variables.product.prodname_code_scanning %} has analyzed at least one pull request since alerts were enabled for the repository.
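Review bot: the shortened alt text for `security-coverage-view-summary.png` no longer says that the filter controls are outlined, but the image path is unchanged. If the asset still carries the dark orange outlines, keep a short description of what is highlighted, as the alt text for `security-coverage-view-highlights.png` later in this file does; if the screenshot was replaced with an unannotated one, confirm the new asset is part of this change.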
Expand All @@ -38,18 +37,14 @@ You can use the "Enablement trends" view to see enablement status and enablement

## Viewing the enablement of code security features for an organization

You can view data to assess the enablement of code security features across organizations in an enterprise. {% data reusables.security-overview.information-varies-GHAS %}

{% ifversion dependabot-updates-paused-enterprise-orgs %}

In the list of repositories, the "Paused" label under "{% data variables.product.prodname_dependabot %}" indicates repositories for which {% data variables.product.prodname_dependabot_updates %} are paused. For information about inactivity criteria, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates#about-automatic-deactivation-of-dependabot-updates)" and "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates#about-automatic-deactivation-of-dependabot-updates)," for security and version updates, respectively.{% endif %}
You can view data to assess the enablement of code security features across repositories in an organization.

{% data reusables.organizations.navigate-to-org %}
{% data reusables.organizations.security-overview %}
1. To display the "Security coverage" view, in the sidebar, click **{% octicon "meter" aria-hidden="true" %} Coverage**.
{% data reusables.code-scanning.using-security-overview-coverage %}

![Screenshot of the header section of the "Security coverage" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "enabled" and "not enabled" links, "Teams" selector, archived repositories, and search field.](/assets/images/help/security-overview/security-coverage-view-highlights.png)
![Screenshot of the "Security coverage" view. The options for filtering are outlined in dark orange.](/assets/images/help/security-overview/security-coverage-view-highlights.png)

{% ifversion pre-security-configurations %}
1. Optionally, click **{% octicon "gear" aria-hidden="true" %} Security settings** to enable code security features for a repository and click **Save security settings** to confirm the changes. If a feature is not shown, it has more complex configuration requirements and you need to use the repository settings dialog. For more information, see "[AUTOTITLE](/code-security/getting-started/securing-your-repository)."
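Review bot: the organization section no longer includes `{% data reusables.security-overview.information-varies-GHAS %}`, so nothing at this point tells the reader that the coverage data depends on which repositories they can access. Someone auditing enablement could read a partial view as complete coverage. Suggest keeping one sentence on scoping here, or making sure the new permissions statement links to the "permission to view data" section of the about article.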
Expand All @@ -59,24 +54,26 @@ In the list of repositories, the "Paused" label under "{% data variables.product

{% endif %}

{% ifversion security-overview-org-risk-coverage-enterprise %}
{% ifversion dependabot-updates-paused-enterprise-orgs %}

In the list of repositories, a "Paused" label under "{% data variables.product.prodname_dependabot %}" indicates repositories for which {% data variables.product.prodname_dependabot_updates %} are paused. For information about inactivity criteria, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates#about-automatic-deactivation-of-dependabot-updates)" and "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates#about-automatic-deactivation-of-dependabot-updates)," for security and version updates, respectively.{% endif %}

## Viewing the enablement of code security features for an enterprise

You can view data to assess the enablement of code security features across organizations in an enterprise. {% data reusables.security-overview.information-varies-GHAS %}

In the enterprise-level view, you can view data about the enablement of features, but you cannot enable or disable features. For more information about enabling features, see {% ifversion security-configurations %}"[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization){% else %}"[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories){% endif %}."
You can view data to assess the enablement of code security features across organizations in an enterprise.

{% data reusables.security-overview.enterprise-filters-tip %}
{% ifversion pre-security-configurations %}
In the enterprise-level view, you can view data about the enablement of features, but you cannot enable or disable features.
{% endif %}

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. To display the "Security coverage" view, in the sidebar, click **Coverage**.
{% data reusables.code-scanning.using-security-overview-coverage %}

![Screenshot of the header section of the "Security coverage" view for an enterprise. The options for filtering are outlined in dark orange, including "enabled" and "not enabled" links, "Teams" selector, archived repositories, and search field.](/assets/images/help/security-overview/security-coverage-view-highlights-enterprise.png)
![Screenshot of the header section of the "Security coverage" view. The options for filtering are outlined in dark orange.](/assets/images/help/security-overview/security-coverage-view-highlights-enterprise.png)

{% endif %}
{% data reusables.security-overview.enterprise-filters-tip %}

{% ifversion security-overview-tool-adoption %}
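Review bot: the sentence "you cannot enable or disable features" is now wrapped in `{% ifversion pre-security-configurations %}` and the link to the enabling article is gone, so readers on versions with security configurations get no statement on whether the enterprise view is read-only and no pointer to where features are enabled. If the enterprise view is still read-only on those versions, keep the sentence unconditional. The section also loses its `{% ifversion security-overview-org-risk-coverage-enterprise %}` wrapper; please confirm that every version this article covers has the enterprise-level view.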

Expand Down Expand Up @@ -114,8 +111,6 @@ You can view data to assess the enablement status and enablement status trends o

You can view data to assess the enablement status and enablement status trends of code security features across organizations in an enterprise.

>[!TIP] You can use the `owner:` filter in the search field to filter the data by organization. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. To display the "Enablement trends" view, in the sidebar, click **Enablement trends**.
Expand All @@ -124,6 +119,8 @@ You can view data to assess the enablement status and enablement status trends o
* Use the date picker to set the time range that you want to view enablement trends for.
* Click in the search box to add further filters on the enablement trends displayed. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."

>[!TIP] You can use the `owner:` filter in the search field to filter the data by organization. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."
{% endif %}

## Interpreting and acting on the enablement data
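Review bot: the relocated `owner:` tip stays inline here, while the other enterprise sections touched in this commit use `{% data reusables.security-overview.enterprise-filters-tip %}`. If the reusable carries the same advice, use it here as well so the wording cannot drift; if it differs, say why this section needs its own tip.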
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ title: Assessing your code security risk
shortTitle: Assess security risk to code
allowTitleToDifferFromFilename: true
intro: 'You can use security overview to see which teams and repositories are affected by security alerts, and identify repositories for urgent remedial action.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
type: how_to
topics:
- Security overview
Expand Down Expand Up @@ -41,8 +40,6 @@ For information about the **Overview**, see "[AUTOTITLE](/code-security/security

## Viewing organization-level code security risks

{% data reusables.security-overview.information-varies-GHAS %}

{% data reusables.organizations.navigate-to-org %}
{% data reusables.organizations.security-overview %}
{% data reusables.security-overview.open-security-risk-view %}
Expand All @@ -59,7 +56,7 @@ For information about the **Overview**, see "[AUTOTITLE](/code-security/security

## Viewing enterprise-level code security risks

You can view data for security alerts across organizations in an enterprise. {% data reusables.security-overview.information-varies-GHAS %}
You can view data for security alerts across organizations in an enterprise.

{% data reusables.security-overview.enterprise-filters-tip %}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
title: Enabling security features for multiple repositories
shortTitle: Enable security features
intro: You can use security overview to select a subset of repositories and enable security features for them all.
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-org-enable %}'
allowTitleToDifferFromFilename: true
versions:
feature: security-configurations-beta-and-pre-beta
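Review bot: `reusables.permissions.security-org-enable` is not one of the files added in this commit (the only new reusable shown is `data/reusables/permissions/security-overview.md`), so this front matter depends on a reusable defined elsewhere. Please confirm it exists on this branch and that its wording covers enabling features from security overview, since this article describes changing repository security settings rather than a read-only view.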
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
title: Exporting data from security overview
shortTitle: Export data
intro: You can export CSV files of your organization's{% ifversion security-overview-export-dashboard-data %} overview,{% endif %} risk and coverage data from security overview.
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
versions:
feature: security-overview-export-data
type: how_to
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
---
title: Filtering alerts in security overview
intro: Use filters to view specific categories of alerts
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
allowTitleToDifferFromFilename: true
versions:
ghes: '*'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
title: Reviewing requests to bypass push protection
shortTitle: Review bypass requests
intro: 'You can use security overview to review requests to bypass push protection from contributors pushing to repositories across your organization.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
type: how_to
topics:
- Security overview
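Review bot: this article covers reviewing requests to bypass push protection, yet it takes the same `reusables.permissions.security-overview` statement as the read-only views, which lists **write** access to repositories for organization views. Please confirm that write access is really enough to review a bypass request; if a narrower role is required, this page needs its own permissions reusable, as the enabling article has with `permissions.security-org-enable`.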
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ title: Viewing metrics for pull request alerts
shortTitle: View PR alert metrics
allowTitleToDifferFromFilename: true
intro: 'You can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests for repositories across your organization, and to identify repositories where you may need to take action.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
type: how_to
topics:
- Security overview
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ title: Viewing metrics for secret scanning push protection
shortTitle: View secret scanning metrics
allowTitleToDifferFromFilename: true
intro: 'You can use security overview to see how {% data variables.product.prodname_secret_scanning %} push protection is performing in repositories across your organization{% ifversion security-overview-enterprise-secret-scanning-metrics %} or enterprise{% endif %}, and to identify repositories where you may need to take action.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
type: how_to
redirect_from:
- /code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection-in-your-organization
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
title: Viewing security insights
shortTitle: View security insights
intro: 'You can use the overview dashboard in security overview to monitor the security landscape of the repositories in your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}.'
permissions: '{% data reusables.security-overview.permissions %}'
product: '{% data reusables.gated-features.security-overview %}'
permissions: '{% data reusables.permissions.security-overview %}'
versions:
feature: security-overview-dashboard
type: how_to
Expand Down Expand Up @@ -76,13 +75,13 @@ Keep in mind that the overview page tracks changes over time for security alert

## Viewing the security overview dashboard for your enterprise

{% data reusables.security-overview.enterprise-filters-tip %}

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.code-scanning.click-code-security-enterprise %}{% ifversion security-overview-3-tab-dashboard %}
1. By default, the **Detection** tab is displayed. If you want to switch to another tab to see other metrics, click **Remediation** or **Prevention**.{% endif %}
{% data reusables.security-overview.filter-and-toggle %}

{% data reusables.security-overview.enterprise-filters-tip %}

{% endif %}

## Understanding the overview dashboard
Expand Down
8 changes: 5 additions & 3 deletions data/reusables/gated-features/security-overview.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
{% ifversion fpt %}
Security overview is available for organizations that use {% data variables.product.prodname_enterprise %}. For more information, see "[AUTOTITLE](/get-started/learning-about-github/githubs-plans)."
{% elsif security-overview-displayed-alerts %}
All enterprises and their organizations have a security overview. If you use {% data variables.product.prodname_GH_advanced_security %} features{% ifversion ghec %}, which are free for public repositories,{% endif %} you will see additional information. {% data reusables.advanced-security.more-info-ghas %}
Organizations that use {% data variables.product.prodname_enterprise %}
{% elsif ghec %}
Enterprises and their organizations
{% elsif ghes %}
Organizations
{% endif %}
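Review bot: the replacement text is a set of bare fragments and drops the sentence explaining that {% data variables.product.prodname_GH_advanced_security %} features add further information to security overview, so the product statement no longer tells the reader that what they see depends on GHAS. The article hunks that switch to the new permissions reusable also remove their `product:` line, so please confirm where this reusable is still rendered. The switch from `elsif security-overview-displayed-alerts` to `elsif ghec` / `elsif ghes` changes which versions match; check that no supported version now falls through to empty output.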
3 changes: 3 additions & 0 deletions data/reusables/permissions/security-overview.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Access requires:
* Organization views: **write** access to repositories in the organization
* Enterprise views: organization owners and security managers
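Review bot: "**write** access to repositories in the organization" does not say whether the views show only the repositories the user can write to or the whole organization, and the enterprise line names organization owners and security managers without saying whether enterprise owners are included. The article hunks in this commit drop the `information-varies-GHAS` pointer, so suggest stating the scoping here or linking to `/code-security/security-overview/about-security-overview#permission-to-view-data-in-security-overview`.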
Original file line number Diff line number Diff line change
@@ -1 +1 @@
The information shown by security overview varies according to your access to repositories{% ifversion security-overview-org-risk-coverage-enterprise %} and organizations{% endif %}, and according to whether {% data variables.product.prodname_GH_advanced_security %} is used by those repositories {% ifversion security-overview-org-risk-coverage-enterprise %} and organizations{% endif %}. For more information, see "[AUTOTITLE](/code-security/security-overview/about-security-overview#permission-to-view-data-in-security-overview)."
The information shown by security overview varies according to your access to repositories and organizations, and according to whether {% data variables.product.prodname_GH_advanced_security %} is used by those repositories and organizations. For more information, see "[AUTOTITLE](/code-security/security-overview/about-security-overview#permission-to-view-data-in-security-overview)."
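Review bot: the article references to this reusable that are visible in this commit are all removed, so it may now be unused. Confirm it is still included somewhere; otherwise delete the file rather than editing it. Dropping the `{% ifversion security-overview-org-risk-coverage-enterprise %}` conditions also makes "and organizations" appear on every version, which should be checked against versions that lack the enterprise-level views.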
