Introduction
This guide shows you how to configure security features for an organization. Your organization's security needs are unique and you may not need to enable every security feature. For more information, see "GitHub security features."
Some features are available for all repositories. Additional features are available to enterprises that use GitHub Advanced Security. 詳しい情� �については、「GitHub Advanced Security について」を参照してく� さい。
Managing access to your organization
You can use roles to control what actions people can take in your organization. For more information, see "Roles in an organization."
Creating a default security policy
You can create a default security policy that will display in any of your organization's public repositories that do not have their own security policy. For more information, see "Creating a default community health file."
Managing Dependabotアラート and the dependency graph
Enterprise owners can configure the dependency graph and Dependabotアラート for an enterprise. 詳しい情� �については「Enterpriseでの依存関係グラフの有効化」及び「EnterpriseでのDependabotの有効化」を参照してく� さい。
For more information, see "About Dependabotアラート," "Exploring the dependencies of a repository," and "Managing security and analysis settings for your organization."
Managing GitHub Advanced Security
If your enterprise has an Advanced Security license, you can enable or disable Advanced Security features.
- Click your profile photo, then click Organizations.
- Click Settings next to your organization.
- Click Security & analysis.
- Click Enable all or Disable all next to GitHub Advanced Security.
- Optionally, select Automatically enable for new private repositories.
For more information, see "About GitHub Advanced Security" and "Managing security and analysis settings for your organization."
Configuring secret scanning
Secret scanning is an Advanced Security feature that scans repositories for secrets that are insecurely stored.
Secret scanning is available if your enterprise uses Advanced Security.
You can enable or disable secret scanning for all repositories across your organization that have Advanced Security enabled.
- Click your profile photo, then click Organizations.
- Click Settings next to your organization.
- Click Security & analysis.
- Click Enable all or Disable all next to Secret scanning (GitHub Advanced Security repositories only).
- Optionally, select Automatically enable for private repositories added to Advanced Security.
For more information, see "Managing security and analysis settings for your organization."
Configuring code scanning
Code scanning is an Advanced Security feature that scans code for security vulnerabilities and errors
Code scanning is available if your enterprise uses Advanced Security.
Code scanning is configured at the repository level. For more information, see "Setting up code scanning for a repository."
Next steps
You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see "Viewing and updatng Dependabotアラート," "Managing code scanning for your repository," and "Managing alerts from secret scanning."