Secret risk assessment - Add more CTAs (#56918)

Author: vgrl

content/code-security/index.md

@@ -5,11 +5,13 @@ intro: 'Build security into your {% data variables.product.github %} workflow to
 redirect_from:
   - /code-security/guides
 introLinks:
+  overview: '{% ifversion ghes %}/code-security/getting-started/github-security-features{% endif %}'
   generate_secret_risk_assessment_report_for_free: '{% ifversion secret-risk-assessment %}/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization#generating-an-initial-secret-risk-assessment{% endif %}'
 featuredLinks:
   startHere: # Links aimed at the builder audience
-    - /code-security/getting-started/github-security-features
+    - '{% ifversion fpt or ghec %}/code-security/getting-started/github-security-features{% endif %}'
     - /code-security/getting-started/quickstart-for-securing-your-repository
+    - '{% ifversion ghes %}/code-security/secret-scanning/working-with-secret-scanning-and-push-protection{% endif %}'
     - /code-security/getting-started/dependabot-quickstart-guide
     - /code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning
   guideCards:

content/code-security/secret-scanning/introduction/about-secret-scanning.md

@@ -1,7 +1,10 @@
 ---
 title: About secret scanning
 intro: '{% data variables.product.github %} scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.'
-product: '{% data reusables.gated-features.secret-scanning %}'
+product: |
+  {% data reusables.gated-features.secret-scanning %}{% ifversion secret-risk-assessment %}
+
+  {% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}
 redirect_from:
   - /github/administering-a-repository/about-token-scanning
   - /articles/about-token-scanning

content/code-security/securing-your-organization/index.md

@@ -1,7 +1,7 @@
 ---
 title: Securing your organization
 shortTitle: Secure your organization
-intro: 'Secure your organization at scale with {% data variables.product.company_short %}''s security products{% ifversion security-configurations %} through {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}{% endif %}.'
+intro: 'Secure your organization at scale with {% data variables.product.company_short %}''s security products{% ifversion security-configurations %} through {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}{% endif %}.{% ifversion secret-risk-assessment %}<br>{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}'
 versions:
   fpt: '*'
   ghec: '*'

content/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment.md

@@ -2,7 +2,7 @@
 title: 'About the secret risk assessment'
 shortTitle: 'Secret risk assessment'
 intro: 'Learn why it''s so important to understand your organization''s exposure to data leaks and how the {% data variables.product.prodname_secret_risk_assessment %} report gives an overview of your organization’s secret leak footprint.'
-product: '{% data reusables.gated-features.secret-risk-assessment-report %}'
+product: '{% data reusables.gated-features.secret-risk-assessment-report %}<br>{% data variables.secret-scanning.secret-risk-assessment-cta-product %}'
 allowTitleToDifferFromFilename: true
 type: overview
 versions:
@@ -19,7 +19,7 @@ topics:
 
 Assessing your exposure to leaked secrets is crucial if you want to prevent:
 
-* **Exploitation by bad actors**. Malicious actors can use leaked secrets such as API keys, passwords, and tokens to gain unauthorized access to systems, databases, and sensitive information. Leaked secrets can lead to data breaches, compromising user data and potentially causing significant financial and reputational damage. See industry examples and in-depth discussion in [Understanding your organization's exposure to secret leaks](https://resources.github.com/enterprise/understanding-secret-leak-exposure) in {% data variables.product.github %} Executive Insights.
+* **Exploitation by bad actors**. Malicious actors can use leaked secrets such as API keys, passwords, and tokens to gain unauthorized access to systems, databases, and sensitive information. Leaked secrets can lead to data breaches, compromising user data and potentially causing significant financial and reputational damage.
 
 * **Regulatory problems**. Many industries have strict regulatory requirements for data protection, and leaked secrets can result in non-compliance with regulations, leading to legal penalties and fines.
 
@@ -29,7 +29,7 @@ Assessing your exposure to leaked secrets is crucial if you want to prevent:
 
 * **Costly fallout**. Addressing the fallout from leaked secrets can be costly, involving incident response efforts, security audits, and potential compensation for affected parties.
 
-Regularly assessing your exposure to leaked secrets is good practice to help identify vulnerabilities, implement necessary security measures, and ensure that any compromised secrets are promptly rotated and invalidated.
+Regularly assessing your exposure to leaked secrets is good practice to help identify vulnerabilities, implement necessary security measures, and ensure that any compromised secrets are promptly rotated and invalidated. See industry examples and in-depth discussion in [Understanding your organization's exposure to secret leaks](https://resources.github.com/enterprise/understanding-secret-leak-exposure) in {% data variables.product.github %} Executive Insights.
 
 ## About {% data variables.product.prodname_secret_risk_assessment %}
 

content/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/index.md

@@ -1,7 +1,7 @@
 ---
 title: 'Understanding your organization''s exposure to leaked secrets'
 shortTitle: Exposure to leaked secrets
-intro: 'You can generate a secret risk assessment report to evaluate the extent of your organization''s vulnerability to leaked secrets. Decide whether to enable {% data variables.product.prodname_secret_protection %} to protect your organization from further leaks.'
+intro: 'You can generate a secret risk assessment report to evaluate the extent of your organization''s vulnerability to leaked secrets. Decide whether to enable {% data variables.product.prodname_secret_protection %} to protect your organization from further leaks.<br>{% data variables.secret-scanning.secret-risk-assessment-cta-product %}'
 versions:
   feature: secret-risk-assessment
 topics:

content/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/viewing-the-secret-risk-assessment-report-for-your-organization.md

@@ -2,6 +2,7 @@
 title: 'Viewing the secret risk assessment report for your organization'
 shortTitle: 'View secret risk assessment'
 intro: 'You can generate and view the {% data variables.product.prodname_secret_risk_assessment %} report for your organization from the "Security" tab.'
+product: '{% data reusables.gated-features.secret-risk-assessment-report %}'
 permissions: '{% data reusables.permissions.secret-risk-assessment-report-generation %}'
 allowTitleToDifferFromFilename: true
 type: how_to

content/code-security/security-overview/about-security-overview.md

@@ -1,7 +1,10 @@
 ---
 title: About security overview
 intro: 'You can gain insights into the overall security landscape of your organization or enterprise and identify repositories that require intervention using security overview.'
-product: '{% data reusables.gated-features.security-overview-general %}'
+product: |
+  {% data reusables.gated-features.security-overview-general %}{% ifversion secret-risk-assessment %}
+
+  {% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}
 redirect_from:
   - /code-security/security-overview/exploring-security-alerts
   - /code-security/security-overview/about-the-security-overview

content/get-started/learning-about-github/about-github-advanced-security.md

@@ -130,7 +130,9 @@ A {% data variables.product.prodname_GHAS %} license provides the following addi
 
 ## Run an assessment of your organization's exposure to secret leaks
 
-Organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets. This can help you understand the current exposure of repositories in your organization to leaked secrets, as well as help you see how many existing secret leaks could have been prevented by {% data variables.product.prodname_GH_secret_protection %}. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment).{% endif %}{% else %}{% endif %}
+{% ifversion secret-risk-assessment %}{% data variables.secret-scanning.secret-risk-assessment-cta-product %}{% endif %}
+
+Organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %} can run a free report to scan the code in the organization for leaked secrets. This can help you understand the current exposure of repositories in your organization to leaked secrets, as well as help you see how many existing secret leaks could have been prevented by {% data variables.product.prodname_GH_secret_protection %}.{% endif %}{% else %}{% endif %}
 
 ## Deploying {% ifversion ghas-products %}{% data variables.product.prodname_GH_code_security %} and {% data variables.product.prodname_GH_secret_protection %}{% else %}{% data variables.product.prodname_GHAS %} in your enterprise{% endif %}
 

data/reusables/gated-features/secret-risk-assessment-report.md

@@ -1 +1 @@
-{% data variables.product.prodname_secret_risk_assessment_caps %} is available for free for organization-owned repositories on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %}
+{% data variables.product.prodname_secret_risk_assessment_caps %} is available for free in organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_enterprise %}

data/reusables/gated-features/security-overview-general.md

@@ -1,10 +1,8 @@
-{% data variables.product.prodname_secret_risk_assessment_caps %} is available for all organizations owned by {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %}. Additional views are available for:
+Security overview is available for all organizations owned by {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %} that have run {% data variables.product.prodname_secret_risk_assessment_caps %}.
 
-{% ifversion fpt %}
+Additional views are available for {% ifversion ghec %}enterprises and their organizations.{% elsif ghes %}organizations.
+
+{% elsif fpt %}
 * Organizations owned by a {% data variables.product.prodname_team %} account with {% data variables.product.prodname_GH_cs_or_sp %}
 * Organizations owned by a {% data variables.product.prodname_enterprise %} account
-{% elsif ghec %}
-* Enterprises and their organizations
-{% elsif ghes %}
-* Organizations
 {% endif %}