Securing your organization

You can use a number of GitHub features to help keep your organization secure.

Organization owners can configure organization security settings.

はじめに

This guide shows you how to configure security features for an organization. Your organization's security needs are unique and you may not need to enable every security feature. For more information, see "GitHub security features."

Some security features are only available if you have an Advanced Security license. 詳しい情報については、「GitHub Advanced Security について」を参照してください。

Managing access to your organization

You can use permission levels to control what actions people can take in your organization. 詳しい情報については、「Organization の権限レベル」を参照してください。

Creating a default security policy

You can create a default security policy that will display in any of your organization's public repositories that do not have their own security policy. 詳しい情報については「デフォルトのコミュニティ健全性ファイルを作成する」を参照してください。

Managing Dependabotアラート and the dependency graph

By default, GitHub detects vulnerabilities in public repositories and generates Dependabotアラート and a dependency graph. You can enable or disable Dependabotアラート and the dependency graph for all repositories owned by your organization.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to the feature that you want to manage.
  5. Optionally, select Automatically enable for new repositories.

For more information, see "About alerts for vulnerable dependencies," "Exploring the dependencies of a repository," and "Managing security and analysis settings for your organization."

Managing GitHub Advanced Security

If your organization has an Advanced Security license, you can enable or disable Advanced Security features.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to GitHub Advanced Security.
  5. Optionally, select Automatically enable for new private repositories.

For more information, see "About GitHub Advanced Security" and "Managing security and analysis settings for your organization."

Configuring secret scanning

Secret scanning is available if you have an Advanced Security license.

You can enable or disable secret scanning for all repositories across your organization that have Advanced Security enabled.

  1. Click your profile photo, then click Organizations.
  2. Click Settings next to your organization.
  3. Click Security & analysis.
  4. Click Enable all or Disable all next to Secret scanning (GitHub Advanced Security repositories only).
  5. Optionally, select Automatically enable for private repositories added to Advanced Security.

詳しい情報については「Organizatonのためのセキュリティ及び分析設定の管理」を参照してください。

次のステップ

You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see "Viewing and updating vulnerable dependencies in your repository," "Managing code scanning for your repository," and "Managing alerts from secret scanning."

このドキュメントは役立ちましたか?プライバシーポリシー

これらのドキュメントを素晴らしいものにするのを手伝ってください!

GitHubのすべてのドキュメントはオープンソースです。間違っていたり、はっきりしないところがありましたか?Pull Requestをお送りください。

コントリビューションを行う

OR, コントリビューションの方法を学んでください。

問題がまだ解決していませんか?

GitHubコミュニティで質問するサポートへの連絡