Search results for: Security

Today, we’re excited to announce the general availability of our new organization and enterprise-level security overview dashboards, alongside enhanced secret scanning metrics and the enablement trends reports. These features are…

GitHub Enterprise Cloud customers can now see code security configurations data in audit log events. Code security configurations simplify the rollout of GitHub security products at scale by defining collections…

The REST API now supports the following code security configuration actions for organizations: – Detach configurations from repositories – Enforce configurations – Enable validity checks for secret scanning in a…

Organization owners and security managers can now filter the table of repositories on the code security configurations settings page by configuration attachment failure reason. This is useful when you’ve attempted…

Code security configurations are now generally available (GA)! Code security configurations simplify the rollout of GitHub security products at scale. They help you define collections of security settings and apply…

Code security configurations will be made generally available (GA) on July 10th, 2024. At that point, we will sunset the organization-level code security settings UI experience along with the API…

Starting today, you can enable validity checks for your GitHub organization through security configurations. You can also enable or disable validity checks at the enterprise level for all enterprise repos.…

You can now use the REST API to create and manage code security configurations, as well as attach them to repositories at scale. The API supports the following code security configuration actions…

GitHub is committed to a secure software ecosystem and requires most developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA).To ensure that all…

Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.

Configurations are collections of security settings that organization administrators and security managers can define to help roll out GitHub security products at scale. Starting today, you can enforce configurations. This…

Gain valuable insights and effectively monitor your enterprise’s security landscape and progress with two new enterprise-level pages: the security overview dashboard and secret scanning metrics. Key features Customizable filters: Select…

As of today, May 15th, 2024, you will no longer be able to create security advisories in private repositories. Formerly published advisories will no longer be available. This change does…

Here’s how SAST tools combine generative AI with code scanning to help you deliver features faster and keep vulnerabilities out of code.

The new Tool group-by option on the security overview trends graph provides a visualization of alert trends, organized by the security tools that detected each vulnerability. It’s designed to improve…

Learn how to use CodeQL for security research and improve your security research workflow.

For enterprise owners and security managers dedicated to managing security products, we are excited to announce a new capability: you can now gain historical insights into security products enablement trends…

Today, we’re releasing security tool-specific filters for the security overview dashboard and secret scanning metrics page. Have you ever wondered, “How well is my organization handling SQL injections?” or “How…

This blog post is an in-depth walkthrough on how we perform security research leveraging GitHub features, including code scanning, CodeQL, and Codespaces.

GitHub-hosted runners now support Azure private networking. Plus, we’ve added 2 vCPU Linux, 4 vCPU Windows, macOS L, macOS XL, and GPU hosted runners to our runner fleet.

Code security configurations simplify the rollout of GitHub security products at scale by defining collections of security settings that can be applied to groups of repositories. Your organization can apply…