Skip to main content

This version of GitHub Enterprise Server was discontinued on 2024-09-25. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Using advanced secret scanning and push protection features

Learn how you can customize secret scanning to meet the needs of your company.

Who can use this feature?

Secret scanning is available for the following repositories:

  • Organization-owned repositories with GitHub Advanced Security enabled
  • for an enterprise with GitHub Advanced Security enabled

Excluding folders and files from secret scanning

You can customize secret scanning to exclude directories or files from analysis, by configuring a secret_scanning.yml file in your repository.

Custom patterns

You can extend the capabilities of secret scanning to search for your own patterns. These custom patterns can range from your service API keys to connection strings into cloud resources.