[EDI] Create a new "Vulnerability reporting and management" map topic within "Concepts" (#59057)

mchammer01 · sophietheking · web-flow · commit 200ce2a3286a · 2026-01-08T14:54:25.000Z
Co-authored-by: Sophie &lt;29382425+sophietheking@users.noreply.github.com&gt;
diff --git a/content/code-security/concepts/index.md b/content/code-security/concepts/index.md
@@ -16,5 +16,5 @@ topics:
   - Dependabot
 contentType: concepts
 children:
+  - /vulnerability-reporting-and-management
   - supply-chain-security
----
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/about-coordinated-disclosure-of-security-vulnerabilities.md b/content/code-security/concepts/vulnerability-reporting-and-management/about-coordinated-disclosure-of-security-vulnerabilities.md
@@ -6,10 +6,11 @@ redirect_from:
   - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
   - /code-security/security-advisories/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
   - /code-security/security-advisories/guidance-on-reporting-and-writing/about-coordinated-disclosure-of-security-vulnerabilities
+  - /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/about-coordinated-disclosure-of-security-vulnerabilities
 versions:
   fpt: '*'
   ghec: '*'
-type: overview
+contentType: concepts
 topics:
   - Security advisories
   - Vulnerabilities
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/about-global-security-advisories.md b/content/code-security/concepts/vulnerability-reporting-and-management/about-global-security-advisories.md
@@ -1,18 +1,20 @@
 ---
 title: About global security advisories
-intro: 'Global security advisories live in the {% data variables.product.prodname_advisory_database %}, a collection of CVEs and {% data variables.product.company_short %}-originated advisories affecting the open source world. You can contribute to improving global security advisories.'
+shortTitle: Global security advisories
+intro: Global security advisories live in the {% data variables.product.prodname_advisory_database %}, a collection of CVEs and {% data variables.product.company_short %}-originated advisories affecting the open source world. You can contribute to improving global security advisories.
 versions:
   fpt: '*'
   ghec: '*'
   ghes: '*'
-type: overview
+contentType: concepts
 topics:
   - Security advisories
   - Alerts
   - Vulnerabilities
   - CVEs
 redirect_from:
   - /code-security/security-advisories/global-security-advisories/about-global-security-advisories
+  - /code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-global-security-advisories
 ---
 
 ## About global security advisories
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/about-repository-security-advisories.md b/content/code-security/concepts/vulnerability-reporting-and-management/about-repository-security-advisories.md
@@ -1,18 +1,19 @@
 ---
 title: About repository security advisories
-intro: 'You can use repository security advisories to privately discuss, fix, and publish information about security vulnerabilities in your public repository.'
-shortTitle: About repository security advisories
+intro: You can use repository security advisories to privately discuss, fix, and publish information about security vulnerabilities in your public repository.
+shortTitle: Repository security advisories
 redirect_from:
   - /articles/about-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/about-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/about-github-security-advisories
   - /code-security/security-advisories/about-github-security-advisories
   - /code-security/repository-security-advisories/about-github-security-advisories-for-repositories
   - /code-security/security-advisories/repository-security-advisories/about-repository-security-advisories
+  - /code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories
 versions:
   fpt: '*'
   ghec: '*'
-type: overview
+contentType: concepts
 product: '{% data reusables.gated-features.private-vulnerability-reporting %}'
 topics:
   - Security advisories
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/about-the-github-advisory-database.md b/content/code-security/concepts/vulnerability-reporting-and-management/about-the-github-advisory-database.md
@@ -5,14 +5,16 @@ versions:
   fpt: '*'
   ghec: '*'
   ghes: '*'
-type: overview
+contentType: concepts
+shortTitle: GitHub Advisory database
 topics:
   - Security advisories
   - Alerts
   - Vulnerabilities
   - CVEs
 redirect_from:
   - /code-security/security-advisories/global-security-advisories/about-the-github-advisory-database
+  - /code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database
 ---
 
 ## About the {% data variables.product.prodname_advisory_database %}
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/about-your-exposure-to-vulnerabilities-in-your-code-and-in-dependencies.md b/content/code-security/concepts/vulnerability-reporting-and-management/about-your-exposure-to-vulnerabilities-in-your-code-and-in-dependencies.md
@@ -1,7 +1,7 @@
 ---
 title: About exposure to vulnerabilities in your code and in dependencies
 shortTitle: Vulnerability exposure
-intro: 'Understanding your organization’s exposure to vulnerabilities in first-party code and in all dependencies is essential for enabling you to efficiently assess, prioritize, and remediate vulnerabilities, reducing the likelihood of security breaches.'
+intro: Understanding your organization’s exposure to vulnerabilities in first-party code and in all dependencies is essential for enabling you to efficiently assess, prioritize, and remediate vulnerabilities, reducing the likelihood of security breaches.
 allowTitleToDifferFromFilename: true
 product: '{% data reusables.gated-features.ghas-billing %}'
 versions:
@@ -14,6 +14,7 @@ topics:
   - Security
 redirect_from:
   - /code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilites/about-your-exposure-to-vulnerable-dependencies
+  - /code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilities/about-your-exposure-to-vulnerable-dependencies
 ---
 
 ## About exposure to vulnerable code
diff --git a/content/code-security/concepts/vulnerability-reporting-and-management/index.md b/content/code-security/concepts/vulnerability-reporting-and-management/index.md
@@ -0,0 +1,18 @@
+---
+title: Concepts for vulnerability reporting and management
+shortTitle: Vulnerability reporting
+intro: Learn core concepts relating to vulnerability reporting and management on {% data variables.product.github %}.
+versions:
+  fpt: '*'
+  ghec: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+contentType: concepts
+children:
+  - /about-the-github-advisory-database
+  - /about-repository-security-advisories
+  - /about-global-security-advisories
+  - /about-coordinated-disclosure-of-security-vulnerabilities
+  - /about-your-exposure-to-vulnerabilities-in-your-code-and-in-dependencies
+---
diff --git a/content/code-security/index.md b/content/code-security/index.md
@@ -23,7 +23,7 @@ featuredLinks:
   popular:
     - '{% ifversion secret-risk-assessment %}/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment{% endif %}'
     - '{% ifversion ghes %}/admin/release-notes{% endif %}'
-    - /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/about-coordinated-disclosure-of-security-vulnerabilities
+    - /code-security/concepts/vulnerability-reporting-and-management/about-coordinated-disclosure-of-security-vulnerabilities
     - /code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization
     - /code-security/securing-your-organization/fixing-security-alerts-at-scale/best-practice-fix-alerts-at-scale
     - /code-security/concepts/supply-chain-security/best-practices-for-maintaining-dependencies
diff --git a/content/code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilities/index.md b/content/code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilities/index.md
@@ -1,7 +1,7 @@
 ---
-title: 'Understanding your organization''s exposure to vulnerabilities'
+title: Understanding your organization's exposure to vulnerabilities
 shortTitle: Exposure to vulnerabilities
-intro: 'Understanding your organization''s exposure to vulnerable code and dependencies is crucial for identifying and prioritizing security risks. This awareness allows you to prioritize remediation efforts, reduce the likelihood of security breaches, protect sensitive data, and maintain the overall integrity and reputation of the organization.'
+intro: Understanding your organization's exposure to vulnerable code and dependencies is crucial for identifying and prioritizing security risks. This awareness allows you to prioritize remediation efforts, reduce the likelihood of security breaches, protect sensitive data, and maintain the overall integrity and reputation of the organization.
 versions:
   feature: dependabot-metrics
 topics:
@@ -11,9 +11,9 @@ topics:
   - Organizations
   - Security
 children:
-  - /about-your-exposure-to-vulnerable-dependencies
   - /prioritizing-dependabot-alerts-using-metrics
   - /alerts-in-production-code
 redirect_from:
   - /code-security/securing-your-organization/understanding-your-organizations-exposure-to-vulnerabilites
 ---
+
diff --git a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/index.md b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/index.md
@@ -13,8 +13,8 @@ topics:
   - Repositories
   - CVEs
 children:
-  - /about-coordinated-disclosure-of-security-vulnerabilities
   - /best-practices-for-writing-repository-security-advisories
   - /privately-reporting-a-security-vulnerability
   - /managing-privately-reported-security-vulnerabilities
 ---
+
diff --git a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/index.md b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/index.md
@@ -1,7 +1,7 @@
 ---
 title: Working with global security advisories from the GitHub Advisory Database
 shortTitle: Global security advisories
-intro: 'Browse the {% data variables.product.prodname_advisory_database %} and submit improvements to any global security advisory.'
+intro: Browse the {% data variables.product.prodname_advisory_database %} and submit improvements to any global security advisory.
 redirect_from:
   - /code-security/security-advisories/global-security-advisories
 versions:
@@ -14,8 +14,7 @@ topics:
   - Repositories
   - CVEs
 children:
-  - /about-the-github-advisory-database
-  - /about-global-security-advisories
   - /browsing-security-advisories-in-the-github-advisory-database
   - /editing-security-advisories-in-the-github-advisory-database
 ---
+
diff --git a/content/code-security/security-advisories/working-with-repository-security-advisories/index.md b/content/code-security/security-advisories/working-with-repository-security-advisories/index.md
@@ -1,7 +1,7 @@
 ---
 title: Working with repository security advisories
 shortTitle: Repository security advisories
-intro: 'Discuss, fix, and disclose security vulnerabilities in your public repositories using repository security advisories.'
+intro: Discuss, fix, and disclose security vulnerabilities in your public repositories using repository security advisories.
 redirect_from:
   - /articles/managing-security-vulnerabilities-in-your-project
   - /github/managing-security-vulnerabilities/managing-security-vulnerabilities-in-your-project
@@ -16,7 +16,6 @@ topics:
   - Repositories
   - CVEs
 children:
-  - /about-repository-security-advisories
   - /permission-levels-for-repository-security-advisories
   - /configuring-private-vulnerability-reporting-for-a-repository
   - /configuring-private-vulnerability-reporting-for-an-organization
@@ -29,3 +28,4 @@ children:
   - /removing-a-collaborator-from-a-repository-security-advisory
   - /deleting-a-repository-security-advisory
 ---
+
diff --git a/data/learning-tracks/code-security.yml b/data/learning-tracks/code-security.yml
@@ -5,13 +5,13 @@ security_advisories:
     vulnerability and get a CVE.
   guides:
     - >-
-      /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/about-coordinated-disclosure-of-security-vulnerabilities
+      /code-security/concepts/vulnerability-reporting-and-management/about-coordinated-disclosure-of-security-vulnerabilities
     - >-
-      /code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database
+      /code-security/concepts/vulnerability-reporting-and-management/about-the-github-advisory-database
     - >-
-      /code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-global-security-advisories
+      /code-security/concepts/vulnerability-reporting-and-management/about-global-security-advisories
     - >-
-      /code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories
+      /code-security/concepts/vulnerability-reporting-and-management/about-repository-security-advisories
     - >-
       /code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories
     - >-
