At GitHub, we believe that investing in the security of your codebase should be accessible for organizations of all sizes.
Starting today, GitHub Team plan customers can purchase GitHub Secret Protection and GitHub Code Security without upgrading your organization to GitHub Enterprise. This makes it easier to secure your codebase with GitHub Advanced Security products.
GitHub Secret Protection
GitHub Team organizations can purchase GitHub Secret Protection, which detects and prevents secret leaks (e.g. secret scanning, AI-detected passwords, and push protection for secrets).
Secret Protection will be available for $19 per month per active committer, with features including:
Push protection, to prevent secret leaks before they happen.
AI detection with a low rate of false positives, so you can focus on what matters.
Secret scanning alerts with notifications, to help you catch exposures before they become a problem.
Custom patterns for secrets, so you can search for sensitive, organization-specific information.
Security overview, which provides insight into distribution of risk across your organization.
Push protection and alert dismissal enforcement for secrets, which supports governance at enterprise scale.
In addition, we’re launching a new scanning feature to help organizations understand their secret leak footprint across their GitHub perimeter. This feature is free for GitHub Team organizations.
GitHub Code Security
GitHub Team organizations will also be able to purchase Code Security, which detects and fixes vulnerabilities in your code before it reaches production.
Code Security will be available for $30 per month per active committer, with features including:
Copilot Autofix for vulnerabilities in existing code and pull requests to provide developer-first security management.
Security campaigns to address security debt at scale.
Dependabot features for protection against dependency-based vulnerabilities.
Security overview, which provides insight into the distribution of risk across your organization.
Security findings for third-party tools.
Get Started
To get started, admins can navigate to Advanced Security under their organization or repository settings. From this page, you can choose to enable and purchase Secret Protection or Code Security features.
For example, from your organization settings, you can navigate to Security / Advanced Security / Configurations in order to create a new configuration with Secret Protection features enabled. Learn more about enabling GitHub Advanced Security.
In addition, admins can enable Secret Protection features in one click from their organization’s Security tab. Once the secret risk assessment has been run for your organization, you’ll be able to enable Secret Protection in one click from the system banner.
We’re rolling out two exciting new features in the latest GitHub Desktop Beta to make your workflow even smoother:
Multi-domain support: Do you work across multiple GitHub instances? You can now sign into more than one domain so you can focus more on your code and less on sign-in flows.
Filterable changes: Do you find yourself endlessly scrolling through a long list of changed files? Now, you can filter by filename to review your changes faster. This makes it easier to locate and select exactly what you need for your next commit!
Moving forward, we recommend using GitHub Enterprise Importer (GEI) to migrate repositories to GitHub’s cloud-based products. If you are interested in migrating GitLab repositories to GitHub using GEI, please contact our Expert Services team.
