Adopting GitHub Advanced Security at scale
A phased approach to rolling out GitHub Advanced Security at your company using industry and GitHub best practices.
Introduction to adopting GitHub Advanced Security at scale
You can adopt GitHub Advanced Security at scale in your company following industry and GitHub best practices.
Phase 1: Align on your rollout strategy and goals
Before enabling GitHub Code Security and GitHub Secret Protection features, plan how these GHAS products should be rolled out across your enterprise.
Phase 2: Preparing to enable at scale
In this phase, you will prepare developers and collect data about your repositories to ensure that your teams are ready and that you have everything you need for pilot programs and for rolling out code scanning and secret scanning.
Phase 3: Pilot programs
You may benefit from beginning with a few high-impact projects and teams with which to pilot an initial rollout. This will allow an initial group within your company to get familiar with GHAS, learn how to enable and configure GHAS, and build a solid foundation on GHAS before rolling out to the remainder of your company.
Phase 4: Create internal documentation
You will create internal documentation and then communicate this to the consumers of GitHub Advanced Security.
Phase 5: Rollout and scale code scanning
You can use security configurations to roll out code scanning across your enterprise.
Phase 6: Rollout and scale secret scanning
For the final phase, you will focus on the rollout of secret scanning. Secret scanning is a more straightforward tool to roll out than code scanning, as it involves less configuration, but it's critical to have a strategy for handling both new and existing results.