Skip to main content

Using advanced secret scanning and push protection features

Learn how you can customize secret scanning to meet the needs of your company.

Who can use this feature?

Secret scanning is available for the following repositories:

  • Organization-owned repositories with GitHub Advanced Security enabled
  • for an enterprise with GitHub Advanced Security enabled

Excluding folders and files from secret scanning

You can customize secret scanning to exclude directories or files from analysis, by configuring a secret_scanning.yml file in your repository.

Custom patterns

You can extend the capabilities of secret scanning to search for your own patterns. These custom patterns can range from your service API keys to connection strings into cloud resources.