Securing your organization

You can use a number of GitHub features to help keep your organization secure.

Organization owners can configure organization security settings.

Introduction

This guide shows you how to configure security features for an organization. Your organization's security needs are unique and you may not need to enable every security feature. For more information, see "GitHub security features."

Some security features are only available if you have an Advanced Security license. Para obtener más información, consulta la sección "Acerca de GitHub Advanced Security".

Managing access to your organization

You can use roles to control what actions people can take in your organization. For more information, see "Roles in an organization."

Creating a default security policy

You can create a default security policy that will display in any of your organization's public repositories that do not have their own security policy. For more information, see "Creating a default community health file."

Managing Las alertas del dependabot and the dependency graph

The dependency graph and Las alertas del dependabot are configured at an enterprise level by the enterprise owner. Para obtener más información, consulta la sección "Habilitar la gráfica de dependencias y las Las alertas del dependabot en tu cuenta empresarial".

For more information, see "About alerts for vulnerable dependencies," "Exploring the dependencies of a repository," and "Managing security and analysis settings for your organization."

Managing GitHub Advanced Security

If your organization has an Advanced Security license, you can enable or disable Advanced Security features.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to GitHub Advanced Security.
  5. Optionally, select Automatically enable for new private repositories.

For more information, see "About GitHub Advanced Security" and "Managing security and analysis settings for your organization."

Configuring escaneo de secretos

Escaneo de secretos is available if you have an Advanced Security license.

You can enable or disable escaneo de secretos for all repositories across your organization that have Advanced Security enabled.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to Escaneo de secretos (GitHub Advanced Security repositories only).
  5. Optionally, select Automatically enable for private repositories added to Advanced Security.

For more information, see "Managing security and analysis settings for your organization."

Next steps

You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see "Viewing and updating vulnerable dependencies in your repository," "Managing escaneo de código for your repository," and "Managing alerts from escaneo de secretos."

¿Te ayudó este documento?

Política de privacidad

¡Ayúdanos a hacer geniales estos documentos!

Todos los documentos de GitHub son de código abierto. ¿Notas algo que esté mal o que no sea claro? Emite una solicitud de cambios.

Haz una contribución

O, aprende cómo contribuir.