jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity
Files
6608eff4a32ce9623e9907409565a6d5dbba66ef
docs/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
Vanessa 6608eff4a3 Secret scanning for user-owned repositories on GHEC-EMU and GHES [Public Beta] (#47673) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Rachael Sewell <rachmari@github.com>
2024-02-23 21:34:49 +00:00

6.6 KiB
Raw Blame History

title, intro, permissions, versions, type, topics, shortTitle
title intro permissions versions type topics shortTitle
Managing GitHub Advanced Security features for your enterprise You can control {% data variables.product.prodname_GH_advanced_security %} features that secure and analyze code across all organizations owned by your enterprise. Enterprise owners can manage {% data variables.product.prodname_advanced_security %} features for organizations in an enterprise.
feature
secret-scanning-enterprise-level
how_to
Alerts
Advanced Security
Dependency graph
Secret scanning
Repositories
Manage GitHub Advanced Security

About management of {% data variables.product.prodname_advanced_security %} features

You can use {% data variables.product.prodname_advanced_security %} features to harden security for the organizations in your enterprise. To streamline management of {% data variables.product.prodname_advanced_security %}, you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.

{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}

{% ifversion ghes %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see "AUTOTITLE."{% elsif ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see "AUTOTITLE."{% endif %}

If you have disallowed {% data variables.product.prodname_GH_advanced_security %} for an organization, that organization will not be affected by enabling a feature for all existing repositories or for all new repositories. For more information about disallowing {% data variables.product.prodname_GH_advanced_security %} for an organization, see "AUTOTITLE."

When you enable one or more security and analysis features for existing repositories, you will see any results displayed on {% data variables.product.prodname_dotcom %} within minutes.

{% data reusables.security.security-and-analysis-features-enable-read-only %}

Managing {% data variables.product.prodname_advanced_security %} features

{% data reusables.advanced-security.note-org-enable-uses-seats %}

{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %}

  1. In the left sidebar, click Code security & analysis.

  2. Optionally, enable or disable a feature for all existing repositories.

    • To the right of the feature, click Disable all or Enable all. {% ifversion ghes or ghec %}If the control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled, you have no available {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} for {% data variables.product.prodname_GH_advanced_security %}.{% endif %}

      {% ifversion ghec %} Screenshot of the "Configure security and analysis features" section of the enterprise settings. To the right of each setting are "Enable all" and "Disable all" buttons, which are outlined in dark orange.

      {% else %} Screenshot of the "Configure security and analysis features" section of the enterprise settings. To the right of each setting are "Enable all" and "Disable all" buttons, which are outlined in dark orange.{% endif %}

    • To confirm the change, click the Enable/Disable all or Enable/Disable for eligible repositories button in the dialog that is displayed.

  3. Optionally, to enable or disable a feature automatically when new private and internal repositories{% ifversion secret-scanning-user-owned-repos %}, user namespace repositories {% ifversion ghec %}belonging to {% data variables.product.prodname_emus %}{% endif %}{% endif %}, or public repositories and repositories with {% data variables.product.prodname_GH_advanced_security %} enabled are created, select the checkbox below the feature. {% ifversion secret-scanning-validity-check-partner-patterns %}

  4. Optionally, to automatically allow {% data variables.product.prodname_secret_scanning %} to check the validity of a secret by sending it to the relevant partner, select the relevant checkbox under "{% data variables.product.prodname_secret_scanning_caps %}". You can also enable the validity check for a single repository or organization. For more information, see "Allowing validity checks for partner patterns in a repository," and "Allowing validity checks for partner patterns in an organization."

    For information on using the REST API to enable validity checks for partner patterns for your enterprise, see "AUTOTITLE" in the REST API documentation.

    {% data reusables.secret-scanning.validity-check-partner-patterns-beta %}

{%- endif %} {% ifversion secret-scanning-custom-link-on-block %}

  1. Optionally, to include a resource link in the message that members will see when they attempt to push a secret, select Add a resource link in the CLI and web UI when a commit is blocked, then type a URL, and click Save link.

    {% note %}

    Note: When a custom link is configured for an organization, the organization-level value overrides the custom link set for the enterprise. For more information, see "AUTOTITLE."

    {% endnote %}

    Screenshot of the "Push protection" section of the settings for security and analysis features. The checkbox and the text field used for enabling a custom link are outlined in dark orange.{% endif %}

Reference in New Issue View Git Blame Copy Permalink