Security risk and coverage pages are now generally available and replace the enterprise-level overview page
Use GitHub code search to support security research with multi-repository variant analysis for CodeQL (beta)
Risk and coverage views on the Code Security tab for enterprises (public beta)
Fix to improve security around creation of pull requests in public repos
GitHub Advanced Security trial now available on GitHub Enterprise Cloud
Security enhancements to required approvals on pull requests
We’ve launched the beta of code scanning support for Swift. This launch, paired with our launch of Kotlin support in November, means that CodeQL covers both iOS and Android development languages, bringing a heightened level of security to the mobile application development process.
GitHub Advanced Security for Azure DevOps is now available for public preview, making GitHub’s same application security testing tools natively available on Azure Repos.
Secret scanning’s push protection now generally available for GitHub Advanced Security
Code scanning’s tool status gives you a bird’s eye view of your application security stack, allowing you to quickly confirm everything is working, or troubleshoot any tool in your application security arsenal.
A new set of Git releases was published to address a variety of security vulnerabilities. All users are encouraged to upgrade. Take a look at GitHub’s view of the latest round of releases.
Enable security features for multiple repositories from your organization-level security coverage page
Incremental improvements to the security coverage enablement slide-out panel
You can now use the “security extended” query suite in code scanning default setup with CodeQL
Learn about using GitHub Advanced Security alerts with vulnerability management tools. Check out the integrations and learn about how to get started.
On March 13, we will officially begin rolling out our initiative to require all developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Read on to learn about what the process entails and how you can help secure the software supply chain with 2FA.
Multi-repository variant analysis lets you scale security research across thousands of repositories, giving you a powerful tool to find and respond to newly discovered vulnerabilities.
Learn how teams can leverage the power of GitHub Advanced Security’s code scanning and GitHub Actions to integrate the right security testing tools at the right time.
Security advisories now have multiple types of credits
The GitHub Security Lab audited DataHub, an open source metadata platform, and discovered several vulnerabilities in the platform’s authentication and authorization modules. These vulnerabilities could have enabled an attacker to bypass authentication and gain access to sensitive data stored on the platform.