Skip to main content

Editing a custom security configuration

Change the enablement settings in your custom security configuration to better meet the security needs of your repositories.

Who can use this feature?

Organization owners and security managers can manage security configurations and global settings for an organization.

Note: Security configurations and global settings are in beta and subject to change. To provide feedback on these features, see the feedback discussion.

About editing a custom security configuration

After creating and applying a custom security configuration, you may need to edit the enablement settings for that configuration to better secure your repositories. Any changes you make to the enablement settings of a security configuration will automatically populate to all linked repositories.

To determine if your custom security configuration is meeting your security needs, see "Interpreting security findings on a repository."

Note: The GitHub-recommended security configuration is managed by GitHub and cannot be edited. If you would like to customize your security enablement settings, you need to create a custom security configuration. For more information, see "Creating a custom security configuration."

Modifying your custom security configuration

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

  2. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  3. In the "Security" section of the sidebar, select the Code security dropdown menu, then click Configurations.

  4. In the "Code security configurations" section, click the name of the custom security configuration you want to edit.

  5. Edit the name, description, and enablement settings of your custom security configuration as desired.

    Note: The default security configuration for an organization is only automatically applied to new repositories created in your organization. If a repository is transferred into your organization, you will still need to apply an appropriate security configuration to the repository manually.

  6. To apply your changes, click Update configuration.