Enterprise Should Automatically Enable Advanced Security Across All Organizations/Repositories

policy name: enable_ghas_for_new_orgs

severity: MEDIUM

Description

Advanced Security includes code scanning, secret scanning and dependency review. These features help keep vulnerable data out of your repositories, which reduces the risk of unauthorized access or exploitation of vulnerabilities.

Remediation

  1. Make sure you are an enterprise owner
  2. Go to the Enterprise Settings page
  3. Under the ‘Settings’ tab choose ‘Code security and analysis’
  4. Check ‘Automatically enable for new repositories’
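
To confirm the setting after the steps above, the check below evaluates the enterprise's code security settings as JSON. It is an added example, not code from the policy's own implementation. It assumes GitHub's REST endpoint GET /enterprises/{enterprise}/code_security_and_analysis and its advanced_security_enabled_for_new_repositories field; the function names and the sample responses are constructed for illustration.

```python
import json
import urllib.request

POLICY, SEVERITY = "enable_ghas_for_new_orgs", "MEDIUM"  # from this page
# Assumption: field name returned by GitHub's REST endpoint
# GET /enterprises/{enterprise}/code_security_and_analysis
FIELD = "advanced_security_enabled_for_new_repositories"
SUFFIX = "_enabled_for_new_repositories"

def fetch_settings(enterprise, token, api="https://api.github.com"):
    """Read the enterprise settings; the token must belong to an enterprise owner."""
    req = urllib.request.Request(
        f"{api}/enterprises/{enterprise}/code_security_and_analysis",
        headers={"Authorization": f"Bearer {token}",
                 "Accept": "application/vnd.github+json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def evaluate(settings):
    """Return None when the policy passes, otherwise a finding dict."""
    if not isinstance(settings, dict) or not isinstance(settings.get(FIELD), bool):
        # Fail closed: a missing or malformed value is not proof of compliance.
        status, others = "UNKNOWN", []
    elif settings[FIELD]:
        return None
    else:
        status = "FAILED"
        # Related auto-enable switches that are also off, for context.
        others = sorted(k for k, v in settings.items()
                        if k.endswith(SUFFIX) and k != FIELD and v is False)
    return {"policy": POLICY, "severity": SEVERITY, "status": status,
            "setting": FIELD, "also_disabled": others}

# Constructed sample responses (not captured from a real enterprise).
SAMPLE_OFF = {
    "advanced_security_enabled_for_new_repositories": False,
    "dependabot_alerts_enabled_for_new_repositories": True,
    "secret_scanning_enabled_for_new_repositories": False,
}
SAMPLE_ON = dict(SAMPLE_OFF, advanced_security_enabled_for_new_repositories=True)

if __name__ == "__main__":
    for name, sample in (("off", SAMPLE_OFF), ("on", SAMPLE_ON), ("empty", {})):
        print(name, json.dumps(evaluate(sample)))
```

For a live check, pass the result of fetch_settings() to evaluate(); a finding with status UNKNOWN means the setting could not be read and should be treated as not yet verified.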