Build like an open source community with GitHub Enterprise
To make it easier for businesses to securely embrace open source and keep up with the best technology has to offer, we’re launching several improvements to GitHub Enterprise. These new features will support businesses as they work toward their goals, encourage open collaboration, and build trust at scale.
The open source community is dynamic and interconnected, innovating across hundreds of thousands of developers—and enterprise software teams are learning fast. They’re relying on open source more than ever before and becoming what we call open source enterprises. They take part in developer communities to innovate at scale, follow open source collaboration best practices, and build trust through a secure and compliant platform.
To make it easier for businesses to securely embrace open source and keep up with the best technology has to offer, we’re launching several improvements to GitHub Enterprise. These new features will support businesses as they work toward their goals, encourage open collaboration, and build trust at scale.
Learn more about GitHub Enterprise
More effective team management
Manage users and teams effectively across GitHub projects, repositories, and organizations, no matter where you use GitHub. Simply and safely give your users and teams the access they need to do their jobs, increase quality, and build their best ideas.
- Enterprise account: Enterprise accounts are a new account type that connects organizations, creating more opportunities to collaborate and build innersource workflows. The new admin center allows you to meet your security and compliance needs with global administration and policy enforcement.
- New roles and permissions (beta): With the introduction of two new user roles, Triage and Maintain, enterprise teams can grow and scale securely, addressing their access control needs. Now administrators can recruit help, like triaging issues or managing users, from trusted contributors without also granting the ability to write to the repository or to change repository settings.
- Team synchronization (beta): Add groups from your identity provider to a team within GitHub and automatically keep membership synchronized. Automatic updates reduce administrative time—and make your process more audit-ready and secure. Learn more about team synchronization.
- Internal repositories (beta): Foster an innersource culture with a new setting for repository visibility. Enterprises can create internal repositories that are visible only to their developers, opening up more ways to reuse code and build communities within your company.
- Organization insights (beta): Get a better understanding of how your organization collaborates in GitHub and get ahead of your talent needs with deeper insights into programming languages used in your products.
- Audit log API (beta): Now GitHub Enterprise Cloud administrators can access audit log events using our GraphQL API. Dig into your audit log to get detailed security and compliance insights—and analyze data on user access, team creation, and more to move your organization closer to their goals.
Building trust at scale
Security is a priority for businesses determined to protect their code, data, and users. These new features provide the security and compliance tools enterprise teams need to bring open source to their organizations.
- Dependency insights: A new dashboard allows Enterprises to better audit and report on their open source dependencies, including details on security vulnerabilities and open source licenses.
- Security vulnerability alerts and token scanning: Previously announced as betas, these features are now generally available. Get a notification when a project your software depends on has a known vulnerability so you can take action. Token scanning extends support to Mailgun, Alibaba Cloud, and Twilio to make sure your tokens and keys stay private.
- WhiteSource vulnerability data partnership: Our new partnership with WhiteSource broadens our coverage of potential security vulnerabilities in open source projects and provides increased detail on how to assess and remediate vulnerabilities.
- Automated security fixes: Powered by Dependabot, GitHub keeps your projects secure and up-to-date by monitoring your dependencies for known security vulnerabilities and automatically opening pull requests to update them.
- Git data encryption at rest: Git data, Wikis and Gists are encrypted at rest on GitHub Enterprise Cloud for increased data security.
Learn more about the latest security features
New ways to work better, together
Remove friction from your daily collaboration with these new Enterprise features.
- Draft pull requests: Create a draft pull request to ask for input, get feedback on an approach, or refine work before it’s ready for review.
- Statuses: Set a status on your GitHub profile to let people know when you’re available—or when you’re sick, out of office, or just taking some time off.
- Learning Lab courses: Speed up your team’s adoption of open source best practices by ramping up with new Learning Lab courses. You’ll learn how to implement innersource, become an open source enterprise, and more.
Uncapped IP indemnification
- Customers will be protected for their use of GitHub. Specifically, from claims alleging that GitHub products or services, including any open source components we reuse in our products or services, infringe third-party IP rights.
To learn more about these new features and see what else we launched at Satellite, register for the May 29 Check-In webcast in your region: Asia Pacific, Europe, or Americas.
Tags:
Written by
Related posts
GitHub Actions, Arm64, and the future of automotive software development
Learn how GitHub’s Enterprise Cloud, GitHub Actions, and Arm’s latest Automotive Enhanced processors, work together to usher in a new era of efficient, scalable, and flexible automotive software creation.
The architecture of SAST tools: An explainer for developers
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.
Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let’s explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.