Search results for: Security

Today, we are announcing public beta of required workflows in GitHub Actions 🎉 Required workflows allow DevOps teams to define and enforce standard CI/CD practices across many source code repositories…

Default setup is a new way to automatically set up code scanning on your repository, without the use of a .yaml file.

Code scanning can now be easily setup with a few button clicks, and without committing a workflow file to the repository. Code scanning’s new default setup feature automatically finds and…

GitHub Advanced Security customers can view an event in their organization or enterprise audit log when an admin enables or disables push protection for a custom pattern at the repository,…

As of last month, GitHub Advanced Security customers can enable push protection for push protection for any custom pattern defined at the repository or organization level. Now, customers can also…

Learn about the design behind, and solutions to, several of GitHub’s CTF challenge for Ekoparty’s 2022 event!

As the year winds down, we’re highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.

Forrester’s Total Economic Impact™ study dives into how GitHub Enterprise Cloud and GitHub Advanced Security help businesses drive ROI, increase developer productivity, and save time on developer onboarding.

GitHub Enterprise has evolved to support the needs of enterprise administrators, corporate security teams, and individual developers who contribute to open source.

Our engineering and security teams do some incredible work. Let’s take a look at how we use GitHub to be more productive, build collaboratively, and shift security left.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

Secret scanning alerts for third party API key detections now include a link to relevant documentation provided by the service provider, where available. These links are intended to help users…

GitHub Actions hosted runner images are now more secure than ever, with the ability to see exactly what software is pre-installed on the image that was used by the runner…

Previously, GitHub Advanced Security customers could enable push protection for all patterns supported by default. Now, admins can also enable push protection for any custom pattern defined at the repository…

Previously, only organizations with GitHub Advanced Security could enable secret scanning’s user experience on their repositories. Now, any admin of a public repository on GitHub.com can detect leaked secrets in…

GitHub now allows you to track any leaked secrets in your public repository, for free. With secret scanning alerts, you can track and action on leaked secrets directly within GitHub.

Enterprises with GitHub Advanced Security can now enable secret scanning and push protection on all their organizations using a single call to an enterprise-level REST API endpoint. You can also…

We’ve hardened our Dependabot support for private registries such that it will no longer make package requests to public registries if private registries are configured for the following ecosystems: Bundler…

Another new release of Git is here to end the year! Take a look at some of our highlights on what’s new in Git 2.39.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…

GitHub Security was recently notified about a caching issue affecting npm. This bug had been present since 2016 and sporadically caused npm maintainers to be re-invited upon removal from packages…