building on about security overview content

content/code-security/security-overview/about-the-security-overview.md

@@ -24,13 +24,15 @@ shortTitle: About security overview
 
 ## About the security overview
 
-You can use the security overview for a high-level view of the security status of your organization or to identify problematic repositories that require intervention. At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. Within the organization-level security overview, there are also dedicated views for specific security features, such as secret scanning alerts and code scanning alerts. At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
+You can use the security overview for a high-level view of the security status of your organization or to identify problematic repositories that require intervention. At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
 
 The security overview indicates whether {% ifversion fpt or ghes > 3.1 or ghec %}security{% endif %}{% ifversion ghae-next %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes > 3.1 or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %}
 
 For more information about securing your code at the repository and organization levels, see "[Securing your repository](/code-security/getting-started/securing-your-repository)" and "[Securing your organization](/code-security/getting-started/securing-your-organization)."
 
-In the security overview, you can view, sort, and filter alerts to understand the security risks in your organization and in specific repositories. You can apply multiple filters to focus on areas of interest. For example, you can identify private repositories that have a high number of {% data variables.product.prodname_dependabot_alerts %} or repositories that have no {% data variables.product.prodname_code_scanning %} alerts.
+In the security overview, you can view, sort, and filter alerts to understand the security risks in your organization and in specific repositories. The interface for the security overview is highly clickable, allowing you to investigate specific categories of information, based on qualifiers like repository, alert risk level, alert type, and feature enablement, without the need for filters. You can also apply multiple filters to focus on narrower areas of interest. For example, you can identify private repositories that have a high number of {% data variables.product.prodname_dependabot_alerts %} or repositories that have no {% data variables.product.prodname_code_scanning %} alerts.
+
+Security managers and members of your organization's AppSec team can use the security overview for both broad and specific analyses of your organization's security status. For example, the overview page can be used to monitor adoption of features by your organization or a specific team as you rollout {% data variables.product.prodname_GH_advanced_security %} to your enterprise, or to review all alerts of a specific type and severity level across all repositories in your organization.
 
 ![The security overview for an organization](/assets/images/help/organizations/security-overview.png)
 
@@ -46,6 +48,13 @@ For each repository in the security overview, you will see icons for each type o
 | {% octicon "check" aria-label="Check" %} | The security feature is enabled, but does not raise alerts in this repository. |
 | {% octicon "x" aria-label="x" %} | The security feature is not supported in this repository. |
 
-By default, archived repositories are excluded from the security overview for an organization. You can apply filters to view archived repositories in the security overview. For more information, see "[Filtering the list of alerts](#filtering-the-list-of-alerts)."
+By default, archived repositories are excluded from the security overview for an organization. You can apply filters to view archived repositories in the security overview. For more information, see "[Filtering alerts in the security overview](/code-security/security-overview/filtering-alerts-in-the-security-overview)."
 
 The security overview displays active alerts raised by security features. If there are no alerts in the security overview for a repository, undetected security vulnerabilities or code errors may still exist.
+
+{% ifversion ghec or ghes > 3.3 %}
+## About the alert views
+
+Within the organization-level security overview, there are dedicated views for specific security features, such as secret scanning alerts and code scanning alerts. You can use these views to limit your analysis to the specific set of alerts, and narrow the results further with a range of filters specific to each view. For example, in the secret scanning alert view, you can use the `Secret type` filter to view only secret scanning alerts related to a specific secret, like a GitHub Personal Access Token.
+
+{% endif %}

content/code-security/security-overview/filtering-alerts-in-the-security-overview.md

@@ -1,6 +1,7 @@
 ---
 title: Filtering alerts in the security overview
 intro: 'Use filters to view specific categories of alerts'
+permissions: Organization owners and security managers can access the security overview for organizations. Members of a team can see the security overview for repositories that the team has admin privileges for.
 product: '{% data reusables.gated-features.security-center %}'
 versions:
   fpt: '*'
@@ -88,11 +89,17 @@ The level of risk for a repository is determined by the number and severity of a
 
 | Qualifier | Description |
 | -------- | -------- |
-| `repository:REPOSITORY-NAME` | Displays alerts for the specified repository |
+| `repository:REPOSITORY-NAME` | Displays alerts for the specified repository. |
 
 ### Filter by secret types
 
 | Qualifier | Description |
 | -------- | -------- |
-| `secret-type:SERVICE_PROVIDER` | Displays alerts for secrets issued by the specified provider |
+| `secret-type:SERVICE_PROVIDER` | Displays alerts for the specified secret and provider. |
 | `secret-type:CUSTOM-PATTERN` | Displays alerts for secrets matching the specified custom pattern. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." |
+
+### Filter by provider
+
+| Qualifier | Description |
+| -------- | -------- |
+|`provider:PROVIDER_NAME` | Displays alerts for all secrets issues by the specified provider. |