GitHub enhances secret scanning for tighter code security

GitHub enhances secret scanning for tighter code security

GitHub Advanced Security now allows developers to scan code for tokens, keys, and other security secrets as they push the code to a repository.

Credit: Dreamstime

GitHub has updated its Advanced Security service with a “push protection” capability. The new feature scans code for secrets such as access tokens, API keys, and other credentials as developers push the code to a repository, and blocks the push if a secret is identified.

With push protection, announced April 4, GitHub Advanced Security customers can guard against leaks by scanning for secrets before a git push is accepted. 

Available for enterprise accounts, GitHub Advanced Security provides services such as code scanning, dependency review, and secret scanning, which helps to ensure that secrets are not exposed in a repository. By scanning code for secrets, developers can proactively prevent leaks of credentials and safeguard against breaches attributed to credential misuse.

With GitHub Advanced Security’s push protection, secret scanning is embedded in the developer workflow. To enable this without disrupting development productivity, push protection only supports token types that can be accurately detected. 

GitHub said that its secret scanning feature has thus far detected more than 700,000 secrets across thousands of private repositories.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags GitHubsecurity


ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments