| title | About enabling security features at scale |
|---|---|
| shortTitle | Organization security |
| intro | You can quickly secure your organization at scale with {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}. |
| versions | |
| topics | |
| redirect_from | |
| contentType | concepts |

{% ifversion ghas-products %}
{% data variables.product.github %} has many features that help you improve and maintain the quality of your code. Some features are included in all {% data variables.product.github %} plans. Additional features are available {% ifversion fpt or ghec %}to organizations on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} that{% else %} if you {% endif %} purchase a {% data variables.product.prodname_GHAS %} product:
{% data reusables.advanced-security.ghas-products-bullets+ghas %}
{% else %}
{% data variables.product.github %} offers many security features including {% data variables.product.prodname_GHAS %}, a suite of features designed to protect your organization from vulnerabilities in your code, insecure dependencies, leaked secrets, and more.
{% endif %}
You can easily enable and manage {% data variables.product.github %}'s security features throughout your organization with {% data variables.product.prodname_security_configurations %}, which control repository-level security features, and {% data variables.product.prodname_global_settings %}, which control security features at the organization level. We recommend applying {% data variables.product.prodname_security_configurations %} and customizing your {% data variables.product.prodname_global_settings %} to create a system that best meets the security needs of your organization.
For more information on purchasing {% data variables.product.prodname_GH_cs_or_sp %}, see AUTOTITLE and AUTOTITLE{% ifversion fpt or ghes %} in the {% data variables.product.prodname_ghe_cloud %} documentation{% endif %}.
{% data reusables.security-configurations.define-security-configurations %}
{% ifversion security-configurations-cloud %}
There are two types of {% data variables.product.prodname_security_configuration %}:

- The {% data variables.product.prodname_github_security_configuration %}, which is a collection of enablement settings created and managed by subject matter experts at {% data variables.product.company_short %}
- {% data variables.product.prodname_custom_security_configurations_caps %}, which are configurations you can create and edit yourself, allowing you to meet your specific security needs

For more detailed information on {% data variables.product.prodname_security_configurations %}, see AUTOTITLE.
{% elsif security-configurations-ghes-only %}
{% data reusables.security-configurations.custom-configuration-intro-ghes %}
To learn how to create {% data variables.product.prodname_custom_security_configurations %}, see AUTOTITLE.
{% endif %}
While {% data variables.product.prodname_security_configurations %} determine repository-level security settings, {% data variables.product.prodname_global_settings %} determine your organization-level security settings, which are then inherited by all repositories. With {% data variables.product.prodname_global_settings %}, you can customize how security features analyze your organization{% ifversion ghes < 3.16 %}, as well as grant a team permission to manage security alerts and settings across your organization{% endif %}.
{% ifversion org-private-registry %}
If your organization uses private registries, providing {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_dependabot %} secure access to these registries will improve code analysis and allow {% data variables.product.prodname_dependabot %} to update a wider range of dependencies. For information, see AUTOTITLE.
{% endif %}
{% ifversion fpt or ghec %}
If your organization uses {% data variables.product.prodname_microsoft_defender %}, JFrog Artifactory, or CI/CD to promote artifacts to production, you can integrate this data into {% data variables.product.github %}. This production context helps you prioritize {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_dependabot %} alerts. For more information, see AUTOTITLE.
{% endif %}
{% ifversion security-configurations-cloud %}
To determine which {% data variables.product.prodname_security_configurations %} are right for the repositories in your organization, see AUTOTITLE.
{% elsif security-configurations-ghes-only %}
To get started with creating a {% data variables.product.prodname_security_configuration %} for your organization, see AUTOTITLE.
{% endif %}