Feature enablement from the organization-level security coverage page
Feature enablement from the organization-level security coverage page
GitHub Blog Search
Search Results for: Security
Risk and coverage views on the Security tab for organizations (public beta)
Risk and coverage views on the Security tab for organizations (public beta)
The importance of improving supply chain security in open source
We think a lot about a high-profile supply chain attack that might cause developers, teams, and organizations to lose trust in open source. That’s why we’re investing in new ways to protect the open source ecosystem.
Security policy highlighted on repository overview
Security policy highlighted on repository overview
Creating a more inclusive security research field
A glimpse into the backgrounds and day-to-day work of several GitHub employees in cybersecurity roles.
Yellow security vulnerability repository banner is being removed
Yellow security vulnerability repository banner is being removed
Cybersecurity spotlight on bug bounty researcher @ahacker1
As we wrap up Cybersecurity Awareness Month, the GitHub bug bounty team is excited to spotlight one of the security researchers who participates in the GitHub Security Bug Bounty Program.
What we learned from the Security Lab’s Community Office Hours
The GitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate.
Dependabot can now generate security and version updates for Yarn v2 and v3
Dependabot can now generate security and version updates for Yarn v2 and v3
Git security vulnerabilities announced
Upgrade your local installation of Git, especially when cloning with --recurse-submodules from untrusted repositories, or if you use git shell interactive mode.
5 tips for embedding security into your workflows
Having a robust security plan is key to innovation. These tips will empower you to gain the upper hand on cyberattacks, so you can ship quickly and innovate with ease.
Introducing GitHub Advanced Security SIEM integrations for security professionals
Learn about using GitHub Advanced Security (GHAS) alerts with Security Information and Events Management (SIEM) tools. Check out the integrations, and read more about getting started.
GitHub’s supply chain security features now support Dart
Cross-platform apps built with the popular Flutter toolkit can now benefit from Dependabot alerts.
Detect secrets in your code more accurately with dry runs for custom patterns now available in GitHub Advanced Security
Learn how you can seamlessly define trusted custom secret patterns to detect secrets unique to your organization with GitHub Advanced Security.
Dependabot security updates removes unneeded transitive dependencies
Dependabot security updates removes unneeded transitive dependencies
Security alert: new phishing campaign targets GitHub users
On September 16, GitHub Security learned that threat actors were targeting GitHub users with a phishing campaign by impersonating CircleCI to harvest user credentials and two-factor codes. While GitHub itself was not affected, the campaign has impacted many victim organizations.
Update and configure code security enablement settings via the organization REST API
Update and configure code security enablement settings via the organization REST API
What you can expect at GitHub Universe 2022: cloud, security, community, and AI
Register now to attend GitHub Universe virtually or in-person at the Yerba Buena Center for the Arts in San Francisco on November 9-10.
False-alert flags will appear in users security log due to a bug in 2FA recovery events
False-alert flags will appear in users security log due to a bug in 2FA recovery events
Security overview is now available to all GitHub Enterprise users
Security overview is now available to all GitHub Enterprise users