Configuring additional secret scanning settings for your enterprise

About additional settings for secret scanning

There are some additional secret scanning settings that cannot be applied to repositories using security configurations, so you must configure these settings separately:

• Configuring a resource link for push protection
• Configuring AI detection to find additional secrets

These additional settings only apply to repositories with both GitHub Advanced Security and secret scanning enabled.

Accessing the additional settings for secret scanning

1. En la esquina superior derecha de GitHub, haz clic en la fotografía del perfil.
2. En función de tu entorno, haz clic en Your enterpriseo en Your enterprises y, a continuación, haz clic en la empresa que deseas ver.
3. En el lado izquierdo de la página, en la barra lateral de la cuenta de empresa, haz clic en Configuración.
4. In the left sidebar, click Code security.
5. Scroll down the page to the "Additional settings" section.

Configuring a resource link for push protection

To provide context for developers when secret scanning blocks a commit, you can display a link with more information on why the commit was blocked.

1. Under "Additional settings", to the right of "Resource link for push protection", click .
2. In the text box, type the link to the desired resource, then click .

Configuring AI detection to find additional secrets

Digitalización secreta de Copilot's detección de secretos genéricos is an AI-powered expansion of secret scanning that scans and creates alerts for unstructured secrets, such as passwords.

1. Under "Additional settings", to the right of "Use AI detection to find additional secrets", ensure the setting is toggled to "On".

To learn more about generic secrets, see Detección responsable de secretos genéricos con el análisis de secretos de Copilot.