This version of GitHub Enterprise Server will be discontinued on 2024-09-24. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.
Using advanced secret scanning and push protection features
Learn how you can customize secret scanning to meet the needs of your company.
Who can use this feature?
Secret scanning is available for organization-owned repositories in GitHub Enterprise Server if your enterprise has a license for GitHub Advanced Security. For more information, see "About secret scanning alerts" and "About GitHub Advanced Security."
Excluding folders and files from secret scanning
You can customize secret scanning to exclude directories or files from analysis, by configuring a secret_scanning.yml file in your repository.
Custom patterns
You can extend the capabilities of secret scanning to search for your own patterns. These custom patterns can range from your service API keys to connection strings into cloud resources.