Note: Generic secret detection for secret scanning is in beta. Functionality and documentation are subject to change. During this phase, generic secret detection is limited to looking for passwords in source code.
Enabling AI-powered generic secret detection for your repository
To use generic secret detection, an enterprise owner must first set a policy at the enterprise level that controls whether repositories can enable or disable AI detection. This policy is set to "allowed" by default.
You can then enable the feature in the "Code security and analysis" settings page of your repository.
-
On GitHub.com, navigate to the main page of the repository.
-
Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.
-
In the "Security" section of the sidebar, click Code security and analysis.
-
Under "Code security and analysis", find "GitHub Advanced Security."
-
Under "Secret scanning", select the checkbox next to "Use AI detection to find additional secrets".
Enabling AI-powered generic secret detection for your organizations
To use generic secret detection, an enterprise owner must first set a policy at the enterprise level that controls whether repositories in an organization can enable or disable AI detection. This policy is set to "allowed" by default.
You can then enable the feature in the security settings page of your organization.
- In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
- Next to the organization, click Settings.
- In the "Security" section of the sidebar, click Code security then Global settings.
- Under "Secret scanning", select the checkbox next to "Use AI detection to find additional secrets".
For information on how to view alerts for generic secrets that have been detected using AI, see "Managing alerts from secret scanning."