{"id":95123,"date":"2026-04-08T09:52:15","date_gmt":"2026-04-08T16:52:15","guid":{"rendered":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations"},"modified":"2026-04-08T09:54:36","modified_gmt":"2026-04-08T16:54:36","slug":"code-security-risk-assessment-available-for-organizations","status":"publish","type":[3521],"link":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations","title":{"rendered":"Code Security risk assessment available for organizations"},"content":{"rendered":"<!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<html><body><p>Organization admins and security managers can now run a free <strong>Code Security risk assessment<\/strong> to review security vulnerabilities across their organization.<\/p>\n<p>The assessment summarizes vulnerabilities by severity, rule type, and programming language. It includes remediation guidance, highlighting where <a href=\"https:\/\/docs.github.com\/enterprise-cloud@latest\/code-security\/responsible-use\/responsible-use-autofix-code-scanning\">Copilot Autofix<\/a> can automatically suggest fixes. The report enables you to identify high-impact repositories to prioritize, and helps understand how to remediate security issues faster. To initiate an assessment, navigate to the &ldquo;Assessments&rdquo; section under your organization&rsquo;s <strong>Security<\/strong> tab.<\/p>\n<p><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/github.com\/user-attachments\/assets\/09d93818-d102-4bbc-b810-ec05f7564d0c\" alt=\"Video of the new Code Security risk assessment\"><\/p>\n<p>This feature is available in GitHub Enterprise Cloud and GitHub Team, and will ship in GitHub Enterprise Server 3.22.<\/p>\n<p>Read more in the <a href=\"https:\/\/docs.github.com\/enterprise-cloud@latest\/code-security\/concepts\/code-scanning\/code-security-risk-assessment\">Code Security risk assessment documentation<\/a>.<\/p>\n<p>Join the discussion in <a href=\"https:\/\/github.com\/orgs\/community\/discussions\/191736\">GitHub Community<\/a>.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Organization admins and security managers can now run a free Code Security risk assessment to review security vulnerabilities across their organization. The assessment summarizes vulnerabilities by severity, rule type, and&hellip;<\/p>\n","protected":false},"author":2106,"featured_media":95124,"template":"","meta":{"_gh_post_show_toc":"","_gh_post_is_no_robots":"","_gh_post_is_featured":"","_gh_post_is_excluded":"","_gh_post_is_unlisted":"","_gh_post_related_link_1":"","_gh_post_related_link_2":"","_gh_post_related_link_3":"","_gh_post_sq_img":"","_gh_post_sq_img_id":"","_gh_post_cta_title":"","_gh_post_cta_text":"","_gh_post_cta_link":"","_gh_post_cta_button":"","_gh_post_recirc_hide":"","_gh_post_recirc_col_1":"","_gh_post_recirc_col_2":"","_gh_post_recirc_col_3":"","_gh_post_recirc_col_4":"","_featured_video":"","_gh_post_additional_query_params":"","footnotes":"","_links_to":"","_links_to_target":"","primary_cta":"","primary_cta_url":"","secondary_cta":"","secondary_cta_url":""},"label":[3627],"group":[3833],"coauthors":[3100],"class_list":["post-95123","changelog","type-changelog","status-publish","has-post-thumbnail","hentry","changelog-type-new-releases","changelog-label-application-security","changelog-group-04-2026"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Code Security risk assessment available for organizations - GitHub Changelog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Code Security risk assessment available for organizations \u00b7 GitHub Changelog\" \/>\n<meta property=\"og:description\" content=\"Organization admins and security managers can now run a free Code Security risk assessment to review security vulnerabilities across their organization. The assessment summarizes vulnerabilities by severity, rule type, and&hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/\" \/>\n<meta property=\"og:site_name\" content=\"The GitHub Blog\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-08T16:54:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/github.blog\/wp-content\/uploads\/2026\/04\/573086349-4e697615-5ed5-4769-81b9-20f452e1ad75.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2064\" \/>\n\t<meta property=\"og:image:height\" content=\"1084\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Allison\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/\",\"url\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/\",\"name\":\"Code Security risk assessment available for organizations - The GitHub Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/github.blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/github.blog\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/571943721-81e3e027-be7a-46c3-967e-b7362d5f4cd8.png?fit=2064%2C1084\",\"datePublished\":\"2026-04-08T16:52:15+00:00\",\"dateModified\":\"2026-04-08T16:54:36+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/#primaryimage\",\"url\":\"https:\\\/\\\/github.blog\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/571943721-81e3e027-be7a-46c3-967e-b7362d5f4cd8.png?fit=2064%2C1084\",\"contentUrl\":\"https:\\\/\\\/github.blog\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/571943721-81e3e027-be7a-46c3-967e-b7362d5f4cd8.png?fit=2064%2C1084\",\"width\":2064,\"height\":1084,\"caption\":\"Screenshot of the new Code Security risk assessment\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/github.blog\\\/changelog\\\/2026-04-08-code-security-risk-assessment-available-for-organizations\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/github.blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Changelogs\",\"item\":\"https:\\\/\\\/github.blog\\\/changelog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Code Security risk assessment available for organizations\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/github.blog\\\/#website\",\"url\":\"https:\\\/\\\/github.blog\\\/\",\"name\":\"The GitHub Blog\",\"description\":\"Updates, ideas, and inspiration from GitHub to help developers build and design software.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/github.blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Code Security risk assessment available for organizations - GitHub Changelog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/","og_locale":"en_US","og_type":"article","og_title":"Code Security risk assessment available for organizations \u00b7 GitHub Changelog","og_description":"Organization admins and security managers can now run a free Code Security risk assessment to review security vulnerabilities across their organization. The assessment summarizes vulnerabilities by severity, rule type, and&hellip;","og_url":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/","og_site_name":"The GitHub Blog","article_modified_time":"2026-04-08T16:54:36+00:00","og_image":[{"width":2064,"height":1084,"url":"https:\/\/github.blog\/wp-content\/uploads\/2026\/04\/573086349-4e697615-5ed5-4769-81b9-20f452e1ad75.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute","Written by":"Allison"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/","url":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/","name":"Code Security risk assessment available for organizations - The GitHub Blog","isPartOf":{"@id":"https:\/\/github.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/#primaryimage"},"image":{"@id":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/#primaryimage"},"thumbnailUrl":"https:\/\/github.blog\/wp-content\/uploads\/2026\/04\/571943721-81e3e027-be7a-46c3-967e-b7362d5f4cd8.png?fit=2064%2C1084","datePublished":"2026-04-08T16:52:15+00:00","dateModified":"2026-04-08T16:54:36+00:00","breadcrumb":{"@id":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/#primaryimage","url":"https:\/\/github.blog\/wp-content\/uploads\/2026\/04\/571943721-81e3e027-be7a-46c3-967e-b7362d5f4cd8.png?fit=2064%2C1084","contentUrl":"https:\/\/github.blog\/wp-content\/uploads\/2026\/04\/571943721-81e3e027-be7a-46c3-967e-b7362d5f4cd8.png?fit=2064%2C1084","width":2064,"height":1084,"caption":"Screenshot of the new Code Security risk assessment"},{"@type":"BreadcrumbList","@id":"https:\/\/github.blog\/changelog\/2026-04-08-code-security-risk-assessment-available-for-organizations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/github.blog\/"},{"@type":"ListItem","position":2,"name":"Changelogs","item":"https:\/\/github.blog\/changelog\/"},{"@type":"ListItem","position":3,"name":"Code Security risk assessment available for organizations"}]},{"@type":"WebSite","@id":"https:\/\/github.blog\/#website","url":"https:\/\/github.blog\/","name":"The GitHub Blog","description":"Updates, ideas, and inspiration from GitHub to help developers build and design software.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/github.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/changelogs\/95123","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/changelogs"}],"about":[{"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/types\/changelog"}],"author":[{"embeddable":true,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/users\/2106"}],"version-history":[{"count":1,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/changelogs\/95123\/revisions"}],"predecessor-version":[{"id":95126,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/changelogs\/95123\/revisions\/95126"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/media\/95124"}],"wp:attachment":[{"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/media?parent=95123"}],"wp:term":[{"taxonomy":"changelog-type","embeddable":true,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/type?post=95123"},{"taxonomy":"changelog-label","embeddable":true,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/label?post=95123"},{"taxonomy":"changelog-group","embeddable":true,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/group?post=95123"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/github.blog\/wp-json\/wp\/v2\/coauthors?post=95123"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}