Search results for: Security

An illustration of two octocats repairing a robot.

Deprecation of security-related organization API fields

We have deprecated the following fields from the get an organization and update an organization REST API endpoints: advanced_security_enabled_for_new_repositories dependabot_alerts_enabled_for_new_repositories dependabot_security_updates_enabled_for_new_repositories dependency_graph_enabled_for_new_repositories secret_scanning_enabled_for_new_repositories secret_scanning_push_protection_enabled_for_new_repositories secret_scanning_validity_checks_enabled GitHub Code Security configurations now…

Copilot moves through a decorative field of floating cubes marked with sync and check icons.

AI & ML

Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

Learn to find and exploit real-world agentic AI vulnerabilities through five progressive challenges in this free, open source game that over 10,000 developers have already used to sharpen their security skills.

Screenshot of security assessment result with Ask Copilot button.

Changelog

Ask Copilot in security assessments now available

Organization admins and security managers can now jump into a Copilot experience directly from secret risk assessment or Code Security risk assessment results to get contextual explanations and guided next…

Screenshot of the new Code Security risk assessment

Changelog

Code Security risk assessment available for organizations

Organization admins and security managers can now run a free Code Security risk assessment to review security vulnerabilities across their organization. The assessment summarizes vulnerabilities by severity, rule type, and…

Runtime context available as filters for security alerts and campaigns

Changelog

Prioritize security alerts with runtime context from Dynatrace

You can now use runtime context from Dynatrace to prioritize GitHub Advanced Security alerts based on deployed artifacts and runtime risk in your Kubernetes environment. When you connect Dynatrace to…

Changelog

Code scanning: Batch apply security alert suggestions on pull requests

GitHub code scanning alerts on pull requests are now easier to address with bulk actions. You can now apply fixes for code scanning alerts in the Files changed tab by…

Changelog

The Security tab is now Security & quality

The top-level Security tab across repositories, organizations, and enterprises has been renamed to Security & quality on github.com. This change restructures the navigation to colocate code quality findings alongside security…

Screen showing a CodeQL pull requests insights on security overview.

Changelog

CodeQL pull requests insights on security overview now cover all protected branches

The CodeQL pull request insights tab in GitHub security overview now reports Copilot Autofix and alert statistics from all protected branches, not just the default branch. This gives you a…

Developer skills

GitHub for Beginners: Getting started with GitHub security

Learn how to secure your projects and keep them safe with GitHub Advanced Security.

News & insights

What’s coming to our GitHub Actions 2026 security roadmap

A look at GitHub Actions’ 2026 roadmap, outlining how secure defaults, policy controls, and CI/CD observability harden the software supply chain end to end.

Changelog

Upcoming deprecation of security-related organization API fields

On April 21, 2026, we’re deprecating and removing the following fields from the get an organization and update an organization REST API endpoints: advanced_security_enabled_for_new_repositories dependabot_alerts_enabled_for_new_repositories dependabot_security_updates_enabled_for_new_repositories dependency_graph_enabled_for_new_repositories secret_scanning_enabled_for_new_repositories secret_scanning_push_protection_enabled_for_new_repositories secret_scanning_validity_checks_enabled…

Application security

The world's largest developer platform

Docs

Everything you need to master GitHub, all in one place.

Go to Docs

GitHub

Build what’s next on GitHub, the place for anyone from anywhere to build anything.

Start building

Customer stories

Meet the companies and engineering teams that build with GitHub.

Learn more

The GitHub Podcast

Catch up on the GitHub podcast, a show dedicated to the topics, trends, stories and culture in and around the open source developer community on GitHub.

Listen now

Search results for: Security

Deprecation of security-related organization API fields

Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

Ask Copilot in security assessments now available

Code Security risk assessment available for organizations

Prioritize security alerts with runtime context from Dynatrace

Code scanning: Batch apply security alert suggestions on pull requests

The Security tab is now Security & quality

CodeQL pull requests insights on security overview now cover all protected branches

GitHub for Beginners: Getting started with GitHub security

What’s coming to our GitHub Actions 2026 security roadmap

Upcoming deprecation of security-related organization API fields

GitHub expands application security coverage with AI‑powered detections

GitHub Advanced Security setup made simple

Code Quality permissions removed from security manager role

Under the hood: Security architecture of GitHub Agentic Workflows

How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework

Lock and unlock draft repository security advisories

npm bulk trusted publishing config and script security now generally available

Securing the AI software supply chain: Security results across 67 open source projects

AI-supported vulnerability triage with the GitHub Security Lab Taskflow Agent

Strengthen your supply chain with code-to-cloud traceability and SLSA Build Level 3 security

The world's largest developer platform

Docs

GitHub

Customer stories

The GitHub Podcast