
About security configurations

Security configurations are collections of security settings that you can apply across your enterprise.

Who can use this feature?

Security configurations are available for the following repositories:

  • Public repositories
  • Private and internal repositories in organizations using GitHub Enterprise Cloud with GitHub Advanced Security enabled

About security configurations

Security configurations simplify the rollout of GitHub security products at scale by helping you define collections of security settings and apply them across your enterprise.

We recommend securing your enterprise with the GitHub-recommended security configuration, then evaluating the security findings on your repositories before configuring custom security configurations. For more information, see Applying the GitHub-recommended security configuration to your enterprise.

With custom security configurations, you can create collections of enablement settings for GitHub's security products to meet the specific security needs of your enterprise. For example, you can create a different custom security configuration for each organization or group of similar organizations to reflect their different levels of security requirements and compliance obligations. For more information, see Creating a custom security configuration for your enterprise.

If your enterprise uses Enterprise Managed Users, note that enterprise-level security configurations are not automatically rolled out to user namespace repositories. Some additional secret scanning settings can be applied to user namespace repositories within the enterprise, but you cannot apply enterprise-level security configurations to this type of user-owned repository.

Note

Some features enabled in security configurations may require Actions minutes to work. GitHub will let you know if that's the case when you apply the configuration to a repository. For more information about billing for GitHub Actions, see About billing for GitHub Actions.

Preserving default settings for new repositories

If you had default security settings in place for newly created repositories, GitHub will preserve these settings by automatically creating a "New repository default settings" security configuration for your enterprise. The configuration matches your previous enterprise-level default settings for new repositories as of December, 2024.

The "New repository default settings" configuration is automatically applied to any newly created repository in your enterprise if no organization-level defaults are set.