Home What Extra Features come with GitHub Advanced Security?
Security Overview for an Organization with GitHub Advanced Security

What Extra Features come with GitHub Advanced Security?


GitHub Advanced Security (GHAS) is an addon for those on GitHub Enterprise Cloud. While it costs extra, the code scanning, secret scanning, and the dependency review feature set is quite rich. Pretty much all of these features are enabled by default for Public Repos hosted on github.com (with the exception of the organization-level security overview and custom secret scanning patterns), so you can easily create a repo with some sample code from your personal GitHub account to test.

GitHub Advanced Security Feature Comparison

I made this chart a while back for a client when helping them determine if the GHAS addon was worth it to them:


  • GHEC = GitHub Enterprise Cloud
  • GHAS = GitHub Advanced Security
  • * - Note that you won’t see a secret scanning menu for public repos, you will just get an email when a secret was committed to the repo and that the secret was (likely) automatically rolled or disabled
This post is licensed under CC BY 4.0 by the author.

Powerlevel10k Zsh Theme in GitHub Codespaces

Connecting Azure Boards Github App to Multiple Azure DevOps Orgs