Secure software development

Ensure compliant and secure software development workflows with GitHub Enterprise, which includes fine-grained permissions and controls and can be hosted behind your firewall.

Check all the right boxes

GitHub Enterprise is built from the ground up to enable secure and compliant software development workflows. Deploy it on your own servers or in a private cloud.

Monitor actions

Audit logs capture actions like logins, password resets, two-factor authentication (2FA) requests, repository access, and browser and API data access. Plus, they’re searchable!

Verify changes

Prove who authored code or pushed a change to production with GPG signature verification. Developers can sign their code, providing auditable assurance that a commit is from a verified source.

Automate workflows

Automate compliance workflows and verify commits against regulatory checks before they’re accepted, disable force pushes to specific branches, and require status checks on protected branches.


Read more about GPG signature verification and protected branches.

Create essential controls

You can enforce policies and permissions to keep your business safe without compromising collaboration.

Permissions & controls

On GitHub Enterprise you can create granular user roles, such as Virtual Machine Administrator, Site Administrator, and Standard User, to control access and maintain the security principle of least privilege.

It also supports using Organizations as logical containers for business units, and Repositories and Teams within Organizations to further segment and manage access.


Authentication

GitHub Enterprise allows you to use its built-in authentication or provision and manage users on your terms by connecting existing external authentication systems.

  • External LDAP, SAML, or CAS authentication using your Active Directory, SAML Identity Provider, or other compatible services.
  • Username/password or PKI-based authentication support with optional two-factor authentication.
  • OAuth and Personal Access Tokens for API and external service authentication.

Security practices at GitHub

We take every step possible to ensure each release is secure before we :shipit:, from a dedicated application security team to an ever-evolving list of best practices.

Stop it before it starts

We perform architecture and code review and use automated static analysis tools to prevent vulnerabilities from being introduced. Plus, we subscribe to OS, software, and service provider security feeds and review vulnerability notices within 24 hours.

Automatic protections

Changes to the GitHub codebase are automatically scanned for common developer mistakes, including the introduction of SQL injection, XSS, CSRF, and mass assignment vulnerabilities.

Help from the outside

GitHub partners with security vendors to provide point-in-time security assessments and engages the community through a Bug Bounty Program where researchers are rewarded for responsibly disclosing any vulnerabilities they come across.

Proactive investment

GitHub’s dedicated product security team consistently adds new security features and hardens existing features to make GitHub Enterprise more robust against attacks.

Start your Enterprise trial

Explore GitHub Enterprise’s security functionality on your own terms with a 45-day free trial. Setup takes just a few minutes.

Try it for free
  • Airbnb
  • IBM
  • SAP
  • PayPal
  • Spotify
  • Bloomberg