You can enforce policies and permissions to keep your business safe without compromising collaboration.
Permissions & controls
On GitHub Enterprise you can create granular user roles, such as Virtual Machine Administrator, Site Administrator, and Standard User to control access and maintain the security principle of least privilege.
It also supports using Organizations as logical containers for business units and Repositories and Teams within Organizations to further segment and manage access.
We take every step possible to ensure each release is secure before we :shipit: from a dedicated application security team to an ever-evolving list of best practices.
Stop it before it starts
We perform architecture and code review and use automated static analysis tools to prevent vulnerabilities from being introduced. Plus, we subscribe to OS, software, and service provider security feeds and review vulnerability notices within 24 hours.
Changes to the GitHub codebase are automatically scanned for common developer mistakes, including the introduction of SQL injections, XSS, CSRF and mass assignment vulnerabilities.
Help from the outside
GitHub partners with security vendors to provide point-in-time security assessments and engages the community through a Bug Bounty Program where researchers are rewarded for responsibly disclosing any vulnerabilities they come across.
GitHub’s dedicated product security team consistently adds new security features and hardens existing features to make GitHub Enterprise more robust against attacks.
Start your Enterprise trial
Explore GitHub Enterprise’s security functionality on your own terms with a 45-day free trial. Setup takes just a few minutes.