Dependabot enterprise level reporting

We are trying to find a way to get dependabot reporting at the enterprise level and at the org level. We are using GitHub enterprise (cloud).

Is there a way to gather all the dependabot incidents across all orgs within GitHub or do we need a reporting tool?

Thank you for your help.

1 Like

At the org level, you can use the Security Overview section, under the Security tab, to see Dependabot as well as GitHub Advanced Security information.

Right now, there isn’t a good way to see it at the Enterprise level, short of writing something to go against the APIs and pull that information.

1 Like

Thank you Mickeygousset - Is there any best practice you recommend regarding any tools? Do you know of anyone else doing this?

1 Like

Hi Mickeygousset - do we need an api to pull the information at the org level? i.e., we see the information on the screen, but how do we get the back end data?

You would have to compile that using the API, I believe

Great thank you - by chance do you have the code for an API?