docs/content/github/administering-a-repository/managing-alerts-from-secret-scanning.md

title	intro	product	versions
Managing alerts from secret scanning	You can view and close alerts for secrets checked in to your repository.	{% data reusables.gated-features.secret-scanning %}	[{free-pro-team *} {enterprise-server >=3.0}]

{% data reusables.secret-scanning.beta %}

Managing alerts

{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} 3. In the left sidebar, click Detected secrets. 4. Under "Secret scanning" click the alert you want to view. {% if currentVersion == "free-pro-team@latest" %} {% endif %} {% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.22" %} {% endif %}

1. Optionally, use the "Mark as" drop-down menu and click a reason for resolving an alert. {% if currentVersion == "free-pro-team@latest" %} {% endif %} {% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.22" %} {% endif %}

Securing compromised secrets

Once a secret has been committed to a repository, you should consider the secret compromised. {% data variables.product.prodname_dotcom %} recommends the following actions for compromised secrets:

• For a compromised {% data variables.product.prodname_dotcom %} personal access token, delete the compromised token, create a new token, and update any services that use the old token. For more information, see "Creating a personal access token for the command line."
• For all other secrets, first verify that the secret committed to {% data variables.product.product_name %} is valid. If so, create a new secret, update any services that use the old secret, and then delete the old secret.