비밀 보안에 대한 개념

리포지토리에 커밋된 API 키, 암호 및 토큰과 같은 비밀은 권한이 없는 사용자가 악용하여 조직에 보안, 규정 준수 및 재정적 위험을 초래할 수 있습니다.

Prevent fraudulent use of your secrets by automatically detecting exposed credentials before they can be exploited.

Secure your secrets by stopping them from ever reaching your repository with push protection.

Learn how GitHub's security tools can help you identify, remediate, and prevent secret leaks.

다양한 형식 비밀 검사 경고에 대해 알아봅니다.

사용자 지정 패턴을 사용하여 조직과 관련된 비밀 유형을 검색합니다.

Validity checks and extended metadata checks help you prioritize remediation of exposed credentials that pose immediate security risks.

Maintain your secret security while unblocking trusted actors with delegated bypass for push protection.

Learn how bypass requests work when push protection blocks commits containing secrets.

When secret scanning detects authentication details for a service provider in a public repository on GitHub, an alert is sent directly to the provider. This allows service providers who are GitHub partners to promptly take action to secure their systems.

Learn about the different types of secrets used by GitHub.

조직 전반에 걸쳐 푸시 보호 성능을 이해하십시오.

Understand how GitHub uses push protection to prevent secret leaks from the command line.

Learn how you are protected from leaking secrets during interactions with the GitHub MCP server, and how to bypass a push protection block if you need to.

Learn your options for unblocking your push to GitHub using the REST API if secret scanning detects a secret in the content of your API request.