GitHub Team plan customers can purchase these security products without requiring a GitHub Enterprise subscription. This expanded access allows organisations of all sizes to adopt enterprise-grade security features as they build and ship code. Contact sales for help evaluating your security needs/options. If you’d like more technical information, check out the GitHub changelog.
Why this matters
Our customers have told us that they value purchasing flexibility, accessibility, and cost efficiency when securing their code. We’re responding to that feedback by making GitHub’s security solutions:
- More flexible – Development teams can now adopt Secret Protection or Code Security
independently, scaling security as needed without committing to a bundled solution.
- More accessible – GitHub Team plan customers can adopt enterprise-grade security,
lowering the barrier to adoption.
- More cost-effective – Metered billing offers no long-term commitment, allowing teams to
pay for security as needed without being locked into multi-year contracts.
“Historically, GitHub has taken an integrated approach to application security, embedding security features such as code scanning, Copilot Autofix, secret scanning, and dependency management within GitHub Advanced Security, says Katie Norton, research manager of DevSecOps and software supply chain security at IDC. With the introduction of Secret Protection and Code Security as separate products with a flexible pricing model. GitHub is broadening access to security tools designed for enterprise use in complex, large-scale development environments. With this change, organisations of all sizes have expanded choice in implementing protections against leaked secrets and vulnerable code, two prevalent risks in application security today”
Introducing the secret risk assessment
To help organisations understand their secret leak exposure across GitHub, we’re launching a free secret risk assessment. Available on April 1 in the Security tab, this tool gives admins and developers a clear view of where secrets are exposed across their organisation, helping them take proactive steps to secure their environments.
What’s next?
Security is ever evolving, and so should the solutions teams rely on. With GitHub Secret Protection and GitHub Code Security, organisations of all sizes now have the flexibility to choose the security capabilities that best fit their needs, enabling developers to build secure, high-quality code by default on GitHub,