Best practices to keep your projects secure on GitHub
These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.
GitHub Blog Search
These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.
Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are a tracking number, and nothing more. Here's how we think of them at GitHub.
From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account.
We’re kicking off InFocus, a global virtual event focused on accelerating, securing, and improving the way software development teams work.
Another new release of Git is here! Take a look at some of our highlights on what's new in Git 2.36.
Dependabot alerts show vulnerable function calls (Python Beta)
Today, we're shipping a new feature for Dependabot alerts which helps you better understand how you're affected by a vulnerability.
Secret scanning detects and revokes leaked passwords
Secret scanning: Dry runs for organization-level custom patterns
Ensuring secure access to your source code is more important than ever. Git Credential Manager helps make that easy.
Learn how to build packages with SLSA 3 provenance using GitHub Actions.
Secret scanning custom pattern events now in the audit log
Dependabot Alert API adds relevant update info to the schema
The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code.
We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure.