Skip to main content
我们经常发布文档更新,此页面的翻译可能仍在进行中。有关最新信息,请访问英文文档。如果此页面上的翻译有问题,请告诉我们
Enterprise Server 3.1
简体中文
� 
Code security
Enterprise Server 3.1
简体中文

� 

此版本的 GitHub Enterprise 已停止服务 2022-06-03. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

Securing your organization

本文内容

You can use a number of GitHub features to help keep your organization secure.

Organization owners can configure organization security settings.

Introduction

This guide shows you how to configure security features for an organization. Your organization's security needs are unique and you may not need to enable every security feature. For more information, see "GitHub security features."

某些功能可用于所有存储库。 其他功能可供使用 GitHub Advanced Security 的企业使用。 更多信息请参阅“关于 GitHub Advanced Security”。

Managing access to your organization

You can use roles to control what actions people can take in your organization. For more information, see "Roles in an organization."

Creating a default security policy

You can create a default security policy that will display in any of your organization's public repositories that do not have their own security policy. For more information, see "Creating a default community health file."

Managing Dependabot 警报 and the dependency graph

Enterprise owners can configure the dependency graph and Dependabot 警报 for an enterprise. For more information, see "Enabling the dependency graph for your enterprise" and "Enabling Dependabot for your enterprise."

For more information, see "About Dependabot 警报," "Exploring the dependencies of a repository," and "Managing security and analysis settings for your organization."

Managing GitHub Advanced Security

If your enterprise has an Advanced Security license, you can enable or disable Advanced Security features.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to GitHub Advanced Security.
  5. Optionally, select Automatically enable for new private repositories.

For more information, see "About GitHub Advanced Security" and "Managing security and analysis settings for your organization."

Configuring 秘密扫描

秘密扫描 is an Advanced Security feature that scans repositories for secrets that are insecurely stored.

秘密扫描 is available if your enterprise uses Advanced Security.

You can enable or disable 秘密扫描 for all repositories across your organization that have Advanced Security enabled.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to 秘密扫描 (GitHub Advanced Security repositories only).
  5. Optionally, select Automatically enable for private repositories added to Advanced Security.

For more information, see "Managing security and analysis settings for your organization."

Configuring 代� �扫描

代� �扫描 is an Advanced Security feature that scans code for security vulnerabilities and errors

代� �扫描 is available if your enterprise uses Advanced Security.

代� �扫描 is configured at the repository level. For more information, see "Setting up 代� �扫描 for a repository."

Next steps

You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see "Viewing and updatng Dependabot 警报," "Managing 代� �扫描 for your repository," and "Managing alerts from 秘密扫描."