Skip to main content
Frecuentemente publicamos actualizaciones de nuestra documentación. Es posible que la traducción de esta página esté en curso. Para conocer la información más actual, visita la documentación en inglés. Si existe un problema con las traducciones en esta página, por favor infórmanos.
GitHub AE está actualmente en un lanzamiento limitado. Por favor, contacta a nuestro equipo de ventas para conocer más sobre esto.

Securing your organization

You can use a number of GitHub features to help keep your organization secure.

Organization owners can configure organization security settings.

Introduction

This guide shows you how to configure security features for an organization. Your organization's security needs are unique and you may not need to enable every security feature. For more information, see "GitHub security features."

Algunas características están disponibles para todos los repositorios. Las características adicionales se encuentran disponibles para las empresas que utilizan la GitHub Advanced Security. Para obtener más información, consulta la sección "Acerca de GitHub Advanced Security".

Managing access to your organization

You can use roles to control what actions people can take in your organization. For example, you can assign the security manager role to a team to give them the ability to manage security settings across your organization, as well as read access to all repositories. For more information, see "Roles in an organization."

Managing Las alertas del dependabot and the dependency graph

Nota: Las alertas del dependabot se encuentra acutalmente en beta y está sujeto a cambios.

Los propietarios de empresa pueden configurar las Las alertas del dependabot para una empresa. Para obtener más información, consulta la sección "Habilitar el Dependabot para tu empresa".

For more information, see "About Las alertas del dependabot," "Exploring the dependencies of a repository," and "Managing security and analysis settings for your organization."

Managing dependency review

Dependency review is an Advanced Security feature that lets you visualize dependency changes in pull requests before they are merged into your repositories. For more information, see "About dependency review."

Dependency review is available when dependency graph is enabled for tu empresa and you enable Advanced Security for the organization (see below).

Managing GitHub Advanced Security

You can enable or disable Advanced Security features.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to GitHub Advanced Security.
  5. Optionally, select Automatically enable for new private repositories.

For more information, see "About GitHub Advanced Security" and "Managing security and analysis settings for your organization."

Configuring escaneo de secretos

Escaneo de secretos is an Advanced Security feature that scans repositories for secrets that are insecurely stored.

Escaneo de secretos is available if your enterprise uses Advanced Security.

You can enable or disable escaneo de secretos for all repositories across your organization that have Advanced Security enabled.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to Escaneo de secretos (GitHub Advanced Security repositories only).
  5. Optionally, select Automatically enable for private repositories added to Advanced Security.

For more information, see "Managing security and analysis settings for your organization."

Configuring escaneo de código

Escaneo de código is an Advanced Security feature that scans code for security vulnerabilities and errors

Escaneo de código is available if your enterprise uses Advanced Security.

Escaneo de código is configured at the repository level. For more information, see "Setting up escaneo de código for a repository."

Next steps

You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see "Managing escaneo de código for your repository," and "Managing alerts from escaneo de secretos."

You can view, filter, and sort security alerts for repositories owned by your organization in the security overview. For more information, see "About the security overview."