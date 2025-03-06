GitHub Secret Protection ($19/month per active committer): Helps detect and prevent secret leaks using AI-powered detection, push protection, secret scanning, and security insights.

($19/month per active committer): Helps detect and prevent secret leaks using AI-powered detection, push protection, secret scanning, and security insights. GitHub Code Security ($30/month per active committer): Aims to identify and remediate vulnerabilities faster with code scanning, Copilot Autofix, security campaigns, and Dependency Review Action.

GitHub is making a major shift in its security offerings by unbundling GitHub Advanced Security (GHAS) into two standalone products—GitHub Secret Protection and GitHub Code Security. Starting April 1, 2025, organisations will have greater flexibility in adopting security solutions without requiring a GitHub Enterprise subscription.The two new products are:

The move is designed to enhance accessibility, affordability, and scalability for organisations of all sizes. Importantly, GitHub Team plan customers can now purchase these security tools independently, without needing a full Enterprise plan.

Why This Matters :

GitHub’s decision to offer standalone security solutions responds to customer demand for purchasing flexibility and cost efficiency. The company highlights three key benefits:

Katie Norton, Research Manager at IDC, praised the shift, stating, “With the introduction of Secret Protection and Code Security as separate products with a flexible pricing model, GitHub is broadening access to security tools designed for enterprise use in complex, large-scale development environments.”

Free Secret Risk Assessment Tool

In addition, GitHub is launching a free secret risk assessment tool on April 1, 2025. Available in the Security tab, this tool will help organisations analyse their secret leak exposure and take proactive steps to secure their environments.With this move, GitHub is reinforcing its commitment to improving security in software development while making its advanced security features more accessible to a wider range of businesses.