"GitHub Enterprise Server Gets New Security Capabilities"

GitHub recently announced the general availability of Enterprise Server 3.10 with new security capabilities, including support for custom deployment rules.  GitHub noted that with the new release, GitHub Projects is now generally available in Enterprise Server, providing administrators with increased visibility over issues and pull requests.  Now, teams using GitHub Actions can also create their own custom deployment protection rules to ensure that only "the deployments that pass all quality, security, and manual approval requirements make it to production." GitHub noted that the new release also provides administrators with additional control over the management and security of runners in GitHub Actions, allowing them to disable repository-level self-hosted runners across the entire organization and cross-user namespaces to ensure that jobs are hosted on centrally managed machines only.  GitHub stated that GitHub Enterprise Server 3.10 also makes it easier for developers to set up code scanning on their repositories, using the new default setup, without the need for YAML files.  The new default setup also allows teams to enable code scanning across multiple repositories at once.  According to GitHub, the new release also makes it easier for security teams to track coverage and risks across all repositories, from the enterprise-level "code security" pages, through the Dependabot feature.
 

SecurityWeek reports: "GitHub Enterprise Server Gets New Security Capabilities"