Skip to main content

Enterprise Server 3.16 is currently available as a release candidate.

About security configurations

Security configurations are collections of security settings that you can apply across your enterprise.

Who can use this feature?

Security configurations is available for the following repositories:

  • Organization-owned repositories with GitHub Advanced Security enabled
  • User-owned repositories for an enterprise with GitHub Advanced Security enabled

About security configurations

Security configurations simplify the rollout of GitHub security products at scale by helping you define collections of security settings and apply them across your enterprise.

With custom security configurations, you can create collections of enablement settings for GitHub's security products to meet the specific security needs of your enterprise. For example, you can create a different custom security configuration for each organization or group of similar organizations to reflect their different levels of security requirements and compliance obligations. For more information, see Creating a custom security configuration for your enterprise.

When creating a security configuration, keep in mind that:

  • Only features installed by a site administrator on your GitHub Enterprise Server instance will appear in the UI.
  • GitHub Advanced Security features will only be visible if your enterprise or GitHub Enterprise Server instance holds a GitHub Advanced Security license.
  • Certain features, like Dependabot security updates and code scanning default setup, also require that GitHub Actions is installed on the GitHub Enterprise Server instance.

Preserving default settings for new repositories

If you had default security settings in place for newly created repositories, GitHub will preserve these settings by automatically creating a "New repository default settings" security configuration for your enterprise. The configuration matches your previous enterprise-level default settings for new repositories as of December, 2024.

The "New repository default settings" configuration will automatically get applied to any newly created repositories in your enterprise, if no organization-level defaults are set.