The github-plugin has a web hook trigger that can be used to notify Jenkins when a push has occurred and that a build should also happen.
By enabling this permission you grant anonymous external READ access to the /github-webhook URL so that the request can be received.
The github-plugin checks that a change has actually occurred so this should be safe to enable.