Secure software development

Featured

A schematic diagram depicting the steps an SAST tool takes to scan the source code of an SQL application under an SQL injection attack. The first step is tokenizing the source code, the second is abstracting the source code, the third conducting semantic analysis, the fourth conducting taint analysis, and the last generating a security alert about the SQL injection vulnerability.

The architecture of SAST tools: An explainer for developers

More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.

Default setup: A new way to enable GitHub code scanning

Default setup is a new way to automatically set up code scanning on your repository, without the use of a .yaml file.

Not just flightless birds: How EMUs secure and scale identity and access management for your GitHub Enterprise

GitHub Enterprise has evolved to support the needs of enterprise administrators, corporate security teams, and individual developers who contribute to open source.

All GitHub Enterprise users now have access to the security overview

Today, we’re expanding access to the GitHub security overview! All GitHub Enterprise customers now have access to the security overview, not just those with GitHub Advanced Security. Additionally, all users within an enterprise can now access the security overview, not just admins and security managers.

Latest

Improving Git protocol security on GitHub Enterprise Server

The recent changes to improve protocol security on GitHub.com are now coming to GitHub Enterprise Server, starting with version 3.6.

What’s new in security and user management for GitHub Enterprise

Learn how you can securely manage users with the latest ships for GitHub Enterprise.

Accelerate security adoption in your organization

The GitHub Services Engineers have released the Advanced Security Enforcer GitHub Action to enable organizations to utilize code scanning in a consistent and automated way.

Secure at every step: How GitHub’s dependency graph is generated

GitHub’s dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package by parsing manifest files, so that you can better manage the security and compliance of your dependencies.

How to secure your GitHub organization and enterprise account

Protect your team’s code with secure software development best practices like setting up SAML/SCIM integrations, enforcing policies to avoid code leakage, and more.

Hardening your GitHub Enterprise Server

GitHub stores your source code, releases, and a vast amount of invaluable information in issues and pull requests. While GitHub Enterprise Server (GHES), our self hosted solution, provides great security by default, administrators can take additional steps to further harden their appliance. This post will guide you through the most important settings.

How organizations can tackle securing the world’s code

We all play a role in securing the world’s code. No one company can solve things alone, including GitHub, which is why it is critical to combine the energies of…

Keep your secrets synced across multiple repositories with organization secrets

Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.

Security best practices for GitHub Enterprise Server

Keep GitHub Enterprise Server secure with our recommendations for security best practices, from password protection to logging and auditing.

Lessons from Snyk: Make smarter decisions about your application’s security

Liran Tal, Developer Advocate at Snyk, shared a few key takeaways and advice from their 2019 Open Source Security Report.

Introducing new ways to keep your code secure

It’s more important than ever that every developer becomes a security developer—that they responsibly disclose vulnerabilities and patch vulnerable code quickly. Today, we’re excited to announce several new security features designed to make it easier for developers to secure their code.