This version of GitHub Enterprise Server will be discontinued on 2024-09-24. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Introduction to secret scanning

Learn how secret scanning detects secrets in existing content and new commits, helping you to avoid exposing sensitive data that could be exploited.

Who can use this feature?

Secret scanning is available for organization-owned repositories in GitHub Enterprise Server if your enterprise has a license for GitHub Advanced Security. For more information, see "About secret scanning alerts" and "About GitHub Advanced Security."

About secret scanning

GitHub Enterprise Server scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.

About push protection

Push protection blocks contributors from pushing secrets to a repository and generates an alert whenever a contributor bypasses the block. You can apply push protection at repository or organization level.

Supported secret scanning patterns

Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.