Skip to main content

Managing GitHub Advanced Security features for your enterprise

You can control GitHub Advanced Security features that secure and analyze code across all organizations owned by your enterprise.

Qui peut utiliser cette fonctionnalité ?

Enterprise owners can manage Advanced Security features for organizations in an enterprise.

About management of Advanced Security features

You can use Advanced Security features to harden security for the organizations in your enterprise. To streamline management of Advanced Security, you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.

Vous pouvez également activer ou désactiver les fonctionnalités Advanced Security via l’API. Pour plus d’informations, consultez « Points de terminaison d’API REST pour l’analyse de secrets » dans la documentation de l’API REST.

For information about buying a license for GitHub Advanced Security, see "À propos de la facturation pour GitHub Advanced Security."

If you have disallowed GitHub Advanced Security for an organization, that organization will not be affected by enabling a feature for all existing repositories or for all new repositories. For more information about disallowing GitHub Advanced Security for an organization, see "Enforcing policies for code security and analysis for your enterprise."

When you enable one or more security and analysis features for existing repositories, you will see any results displayed on GitHub within minutes.

Managing Advanced Security features

Remarque : si vous activez GitHub Advanced Security, les validateurs actifs de ces référentiels utilisent des GitHub Advanced Security licences. Cette option est désactivée si vous avez dépassé la capacité de votre licence.

  1. Dans le coin supérieur droit de GitHub Enterprise Server, cliquez sur votre photo de profil, puis sur Paramètres d’entreprise.

    Capture d’écran du menu déroulant qui s’affiche lorsque vous cliquez sur la photo de profil sur GitHub Enterprise Server. L’option « Paramètres d’entreprise » est mise en évidence avec un contour orange foncé.

  2. Dans la barre latérale du compte d’entreprise, cliquez sur Paramètres.

  3. In the left sidebar, click Code security & analysis.

  4. Optionally, enable or disable a feature for all existing repositories.

    • To the right of the feature, click Disable all or Enable all. If the control for "GitHub Advanced Security" is disabled, you have no available licenses for GitHub Advanced Security.

      Screenshot of the "Configure security and analysis features" section of the enterprise settings. To the right of each setting are "Enable all" and "Disable all" buttons, which are outlined in dark orange.

    • To confirm the change, click the Enable/Disable all or Enable/Disable for eligible repositories button in the dialog that is displayed.

  5. Optionally, to enable or disable a feature automatically when new private and internal repositories, or public repositories and repositories with GitHub Advanced Security enabled are created, select the checkbox below the feature.

  6. Optionally, to include a resource link in the message that members will see when they attempt to push a secret, select Add a resource link in the CLI and web UI when a commit is blocked, then type a URL, and click Save link.

    Note: When a custom link is configured for an organization, the organization-level value overrides the custom link set for the enterprise. For more information, see "Protection des poussées pour les référentiels et les organisations."

    Screenshot of the "Push protection" section of the settings for security and analysis features. The checkbox and the text field used for enabling a custom link are outlined in dark orange.