Skip to content

Secure software development

GitHub Enterprise is built to support your secure and compliant software development workflows. Commit signing, access management, SAML single sign-on, audit logs, and more keep your code safe throughout the entire development lifecycle, from idea to production.

See more security features and meet the team

Compliance

Check all the right boxes

Build secure, repeatable, and traceable processes that support your compliance needs.

Monitor actions

Audit logs capture actions like logins, password resets, two-factor authentication (2FA) requests, repository access, and browser and API data access. Plus, they’re searchable.

Verify changes

Prove who authored code or pushed a change to production with GPG or S/MIME signature verification. Developers can sign their code, providing auditable assurance a commit is from a verified source.

Automate workflows

Automate compliance workflows and verify commits against regulatory checks
 before they’re accepted, disable force pushes to specific branches, and require status checks on protected branches.


Read more about GPG signature verification and protected branches.

Controls

Create essential controls

Enforce policies and permissions to keep your business safe without compromising on collaboration.

Permissions and controls

Create granular administrative and user roles to control access and maintain the security principle of least privilege.

GitHub Enterprise supports organizations as logical containers for business units, and repositories and teams help further segment and manage access.

Read the documentation

Authentication

GitHub Enterprise allows you to use its built-in authentication or provision and manage users on your terms by connecting existing external authentication systems.

  • External SAML identity provider for Enterprise Cloud and compatible authentication services, including LDAP or CAS, for Enterprise Server.
  • Username/password or PKI based authentication support with optional two-factor authentication.
  • OAuth and Personal Access Tokens for API and external service authentication.

Protection

Security practices at GitHub

We take every step possible to ensure each release is secure before we :shipit: from a dedicated application security team to an ever-evolving list of best practices.

Stoplight

Stop it before it starts

We perform architecture and code review and use automated static analysis tools to prevent vulnerabilities from being introduced. Plus, we subscribe to OS, software, and service provider security feeds and review vulnerability notices within 24 hours.

Graph

Automatic protections

Changes to the GitHub codebase are automatically scanned for common developer mistakes, including the introduction of SQL injections, XSS, CSRF and mass assignment vulnerabilities.

Bugs

Help from the outside

GitHub partners with security vendors to provide point-in-time security assessments and engages the community through a Bug Bounty Program where researchers are rewarded for responsibly disclosing any vulnerabilities they come across.

Locked safe

Proactive investment

GitHub’s dedicated product security team consistently adds new security features and hardens existing features to make GitHub Enterprise more robust against attacks.

Get started with GitHub Enterprise

Team

$9

Per user / month

Advanced collaboration and
management tools for teams

  • ∞Unlimited public repositories
  • ∞Unlimited private repositories
  • ✓10,000 total Action minutes/month See pricing details
  • ✓2GB of GitHub Packages storage See pricing details
  • ✓Advanced vulnerability scanning for public repositories
  • ✓Automated security updates
  • ✓GitHub Security Advisories
  • ✓Team access controls
  • ✓User management and billing
  • ✓Issues and bug tracking
  • ✓Project management
  • ✓Advanced tools and insights
  • ✓Private GitHub pages and wikis
  • ✓Private protected branches
  • ✓Code owners

Starts at $25 / month and includes your first 5 users

Free to academic faculty for teaching or non-profit research

Choose Team

Enterprise

Contact Sales
for pricing

Security, compliance, and deployment controls for organizations

  • Everything included in Team

  • ✓50,000 total Action minutes/month See pricing details
  • ✓50GB of GitHub Packages storage See pricing details
  • ✓Self-hosted or cloud-hosted
  • ✓SAML single sign-on
  • ✓Access provisioning
  • ✓Simplified account administration
  • ✓Unified search and contributions
  • ✓Priority support
  • ✓99.95% uptime SLA for Enterprise Cloud
  • ✓Invoice billing
  • ✓Advanced auditing
  • +Advanced vulnerability scanning available Contact us for details

Questions?

Learn more about Enterprise

Free for educational institutions participating in the GitHub Education program

Choose Enterprise
  • Airbnb
  • IBM
  • SAP
  • PayPal
  • Spotify
  • Bloomberg
You can’t perform that action at this time.