Enabling GitHub Advanced Security for your enterprise

You can configure GitHub Enterprise to include GitHub Advanced Security. This provides extra features that help users find and fix security problems in their code.

GitHub Advanced Security is available for enterprise accounts on GitHub Enterprise Cloud and Servidor de GitHub Enterprise. For more information, see "About GitHub's products."

About enabling GitHub Advanced Security

GitHub Advanced Security helps developers improve and maintain the security and quality of code. For more information, see "About GitHub Advanced Security."

When you enable GitHub Advanced Security for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. For more information, see "Enforcing policies for Advanced Security in your enterprise."

Prerequisites for enabling GitHub Advanced Security

  1. Upgrade your license for GitHub Enterprise to include GitHub Advanced Security. For information about licensing, see "About billing for GitHub Advanced Security."

  2. Download the new license file. For more information, see "Downloading your license for GitHub Enterprise."

  3. Upload the new license file to tu instancia de servidor de GitHub Enterprise. For more information, see "Uploading a new license to Servidor de GitHub Enterprise."

  4. Review the prerequisites for the features you plan to enable.

Checking whether your license includes GitHub Advanced Security

  1. Visita la cuenta de tu empresa en https://github.com/enterprises/ENTERPRISE-NAME, reemplazando ENTERPRISE-NAME por el nombre de la cuenta de tu empresa.
  2. En la barra lateral de la cuenta de empresa, haz clic en Settings (Configuraciones). Pestaña Settings (Configuraciones) en la barra lateral de la cuenta de empresa
  3. En la barra lateral izquierda, haz clic en License (Licencia). Pestaña de licencia en la barra lateral de configuración de enterprise server
  4. If your license includes GitHub Advanced Security, the license page includes a section showing details of current usage. GitHub Advanced Security section of Enterprise license

Enabling and disabling GitHub Advanced Security features

Warning: Changing this setting will cause user-facing services on Servidor de GitHub Enterprise to restart. You should time this change carefully, to minimize downtime for users.

  1. En la esquina superior derecha de cualquier página, da clic en . Ícono de cohete para acceder a las configuraciones de administrador del sitio
  2. En la barra lateral izquierda, haz clic en Consola de administración. pestaña Consola de administración en la barra lateral izquierda
  3. En la barra lateral izquierda, haz clic en Advanced Security. Advanced Security sidebar
  4. Under "Advanced Security," select the features that you want to enable and deselect any features you want to disable. Checkbox to enable or disable Advanced Security features
  5. Debajo de la barra lateral izquierda, da clic en Guardar configuración. El botón de guardar en la Consola de administración
  6. Espera a que la configuración se ejecute por completo.

When GitHub Enterprise has finished restarting, you're ready to set up any additional resources required for newly enabled features. For more information, see "Configuring escaneo de código for your appliance."

Enabling or disabling GitHub Advanced Security features via the administrative shell (SSH)

You can enable or disable features programmatically on tu instancia de servidor de GitHub Enterprise. For more information about the administrative shell and command-line utilities for Servidor de GitHub Enterprise, see "Accessing the administrative shell (SSH)" and "Command-line utilities."

For example, you can enable any GitHub Advanced Security feature with your infrastructure-as-code tooling when you deploy an instance for staging or disaster recovery.

  1. SSH into tu instancia de servidor de GitHub Enterprise.

  2. Enable features for GitHub Advanced Security.

    • To enable Escaneo de código, enter the following commands.
      ghe-config app.minio.enabled true
      ghe-config app.code-scanning.enabled true
    • To enable Escaneo de secretos, enter the following command.
      ghe-config app.secret-scanning.enabled true
    • To enable Dependabot de GitHub, enter the following command.
      ghe-config app.github.dependency-graph-enabled true
  3. Optionally, disable features for GitHub Advanced Security.

    • To disable escaneo de código, enter the following commands.
      ghe-config app.minio.enabled false
      ghe-config app.code-scanning.enabled false
    • To disable escaneo de secretos, enter the following command.
      ghe-config app.secret-scanning.enabled false
    • To disable Dependabot de GitHub, enter the following command.
      ghe-config app.github.dependency-graph-enabled false
  4. Apply the configuration.

    ghe-config-apply

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

O, learn how to contribute.