
About enabling security features at scale

You can use security configurations and global settings to quickly strengthen the security of a large organization.

About securing your organization

GitHub has many features that help you improve and maintain the quality of your code. Some features are included in all GitHub plans. Additional features are available to organizations on GitHub Team and GitHub Enterprise Cloud that purchase a GitHub Advanced Security product:

  • GitHub Secret Protection, which includes features that help you detect and prevent secret leaks, such as secret scanning and push protection.
  • GitHub Code Security, which includes features that help you find and fix vulnerabilities, like code scanning, premium Dependabot features, and dependency review.

You can easily enable and manage GitHub's security features throughout your organization with security configurations, which control repository-level security features, and global settings, which control security features at the organization level. We recommend applying security configurations and customizing your global settings to create a system that best meets the security needs of your organization.

For more information on purchasing GitHub Secret Protection or GitHub Code Security, see About GitHub Advanced Security and Buying Advanced Security for your organization or enterprise in the GitHub Enterprise Cloud documentation.

About security configurations

Security configurations are collections of enablement settings for GitHub's security features that you can apply to any repository within an organization.

There are two types of security configuration:

  • The GitHub-recommended security configuration, which is a collection of enablement settings created and managed by subject matter experts at GitHub
  • Custom security configurations, which are configurations you can create and edit yourself, allowing you to meet your specific security needs

For more detailed information on security configurations, see Security configurations.

About global settings

While security configurations determine repository-level security settings, global settings determine your organization-level security settings, which are then inherited by all repositories. With global settings, you can customize how security features analyze your organization.

About enabling secure access to private registries

If your organization uses private registries, providing code scanning and Dependabot secure access to these registries will improve code analysis and allow Dependabot to update a wider range of dependencies. For more information, see Giving security features access to private registries.

About integrating production context

If your organization uses Microsoft Defender for Cloud, JFrog Artifactory, or CI/CD to promote artifacts to production, you can integrate this data into GitHub. This production context helps you prioritize code scanning and Dependabot alerts. For more information, see Prioritizing Dependabot and code scanning alerts using production context.

Next steps

To determine which security configurations are right for the repositories in your organization, see Security configurations.