GitHub Metric
Engineering
Resolution Time = Alert Resolved Timestamp − Alert Created Timestamp
Security Alert Resolution Time measures the elapsed time from when a security alert (Dependabot, code scanning, or secret scanning) is opened to when it is resolved or dismissed in GitHub. It quantifies the organisation's responsiveness to known vulnerabilities and the effectiveness of its security remediation process.
GitHubEngineeringSecurity Alert Resolution Time
Security Alert Resolution Time measures the elapsed time from when a security alert (Dependabot, code scanning, or secret scanning) is opened to when it is resolved or dismissed in GitHub. It quantifies the organisation's responsiveness to known vulnerabilities and the effectiveness of its security remediation process.
How to calculate security alert resolution time
Why security alert resolution time matters for GitHub users
Every day a security alert remains open is a day your codebase is exposed to a known vulnerability. Attackers actively scan for unpatched dependencies, and the window between disclosure and exploitation is shrinking.
For GitHub teams, tracking alert resolution time by severity creates accountability and enables risk-based prioritisation. It also provides the data needed to demonstrate compliance with security SLAs to auditors and stakeholders.
Understand and act on security alert resolution time with KPI Tree
Sync security alert data from GitHub into your warehouse and model resolution time in KPI Tree, segmented by alert type and severity. Place it in a security posture tree alongside vulnerability trends and repository health.
Assign RACI ownership to the security team and set severity-based SLA alerts - for example, critical alerts must be resolved within 48 hours.
Get started with your GitHub data
MCPPull metrics from GitHub directly through the Model Context Protocol.
Connect your existing warehouse where GitHub data already lands.
Our professional services team can build you turn-key AI foundations in a matter of weeks. Data warehouse on Snowflake/BigQuery, ELT with Fivetran, all modelled in dbt with a semantic layer.
Related GitHub metrics
Security Vulnerability Trends
EngineeringMetric Definition
Security Vulnerability Trends tracks the number, severity, and type of security vulnerabilities discovered across repositories over time. It encompasses Dependabot alerts, code scanning findings, and secret scanning detections. Improving trends indicate maturing security practices and proactive dependency management.
Repository Health Score
EngineeringMetric Definition
Repository Health Score is a composite metric that evaluates key health indicators for a GitHub repository, including documentation completeness, test coverage, CI configuration, dependency freshness, branch protection rules, and recent maintenance activity. It provides a single number for comparing repository maturity across an organisation.
Bug Fix Rate
EngineeringMetric Definition
Bug Fix Rate = Bugs Closed in Period / Total Open Bugs at Start of Period × 100
Bug Fix Rate measures the proportion of bug-labelled issues closed within a given period relative to the total number of open bugs. It reflects a team's capacity and prioritisation of quality work. A consistently low rate may signal under-investment in reliability.
Issue Resolution Time
EngineeringMetric Definition
Issue Resolution Time = Issue Closed Timestamp − Issue Created Timestamp
Issue Resolution Time measures the elapsed time from when a GitHub issue is opened to when it is closed. It reflects team responsiveness, prioritisation effectiveness, and overall execution speed. Segmenting by label (bug, feature, chore) provides more actionable insights.
All GitHub metrics
Branch Lifecycle AnalysisBug Fix RateCode Churn RateCode Coverage TrendCode Quality Trend AnalysisCode Review Quality ScoreCode Review VelocityCommit FrequencyDeployment FrequencyDeveloper Contribution PatternsDeveloper Productivity ScoreDevOps Pipeline EfficiencyDiscussion Engagement RateFeature Development Cycle TimeIssue Resolution TimeLead Time for ChangesOpen Source Contribution AnalysisPull Request Approval RatePull Request Bottleneck AnalysisRelease VelocityRepository Health ScoreSecurity Vulnerability TrendsSprint Velocity TrackingTeam Collaboration IndexTechnical Debt AccumulationEmpower your team to understand and act on GitHub data
Map what drives your metrics, measure progress at any grain, prove what works statistically, and deliver personalised action plans to every team member.
