About securing your organization
GitHub offers many security features including GitHub Advanced Security, a suite of features designed to protect your organization from vulnerabilities in your code, insecure dependencies, leaked secrets, and more.
You can easily enable and manage GitHub's security features throughout your organization with security configurations, which control repository-level security features, and global settings, which control security features at the organization level. We recommend applying security configurations and customizing your global settings to create a system that best meets the security needs of your organization.
For more information on purchasing GitHub Advanced Security, see About GitHub Advanced Security and Buying Advanced Security for your organization or enterprise in the GitHub Enterprise Cloud documentation.
About security configurations
Security configurations are collections of enablement settings for GitHub's security features that you can apply to any repository within an organization.
When you create a security configuration, you can choose different enablement settings to meet the specific security needs of a group of repositories.
To learn how to create custom security configurations, see Creating a custom security configuration.
About global settings
While security configurations determine repository-level security settings, global settings determine your organization-level security settings, which are then inherited by all repositories. With global settings, you can customize how security features analyze your organization, as well as grant a team permission to manage security alerts and settings across your organization.
Next steps
To get started with creating a security configuration for your organization, see Creating a custom security configuration.