Managing secret scanning for your organization

You can control which repositories in your organization GitHub will scan for secrets.

Organization owners can manage secret scanning for repositories in the organization.

Note: Secret scanning for private repositories is currently in beta and subject to change. To request access to the beta, join the waitlist.

About management of secret scanning

Secret scanning can help you mitigate the impact of leaked secrets in your organization's repositories. For more information, see "About secret scanning."

You can manage how GitHub scans for secrets in existing repositories in your organization. You can also enable or disable secret scanning by default for any new repositories that members create in your organization.

If you enable security and analysis features, GitHub performs read-only analysis on your repository. For more information, see "About GitHub's use of your data."

Note: Secret scanning is enabled by default for public repositories in your organization and can't be disabled. For more information, see "About secret scanning for public repositories."

Enabling or disabling secret scanning for existing private repositories

  1. In the top right corner of GitHub, click your profile photo, then click Your profile.
  2. On the left side of your profile page, under "Organizations", click the icon for your organization.
  3. Under your organization name, click Settings.
  4. In the left sidebar, click Security & analysis.
  5. To the right of "Secret scanning", click Disable all or Enable all.
  6. Optionally, enable secret scanning by default for new private repositories in your organization.
  7. Click Disable secret scanning or Enable secret scanning to disable or enable the feature for all the repositories in your organization.

Enabling or disabling secret scanning for new private repositories

  1. In the top right corner of GitHub, click your profile photo, then click Your profile.
  2. On the left side of your profile page, under "Organizations", click the icon for your organization.
  3. Under your organization name, click Settings.
  4. In the left sidebar, click Security & analysis.
  5. To the right of "Secret scanning", enable or disable the feature by default for new private repositories in your organization.
