Bug Bounty third anniversary wrap-up
In honor of our Bug Bounty Program's third birthday, we kicked off a promotional bounty period in January and February. In addition to bonus payouts, the scope of the bug…
GitHub Blog Search
Search Results for: Security
A formal spec for GitHub Flavored Markdown
We're releasing a formal specification of the syntax for GitHub Flavored Markdown, and its corresponding reference implementation.
Powerful new features for businesses on GitHub.com
Today we're introducing a new Business offering that brings SAML single sign-on, automated provisioning and deprovisioning, 24/5 support, and guaranteed uptime to GitHub.com. With direct access to our developer community…
Discontinue support for weak cryptographic standards
Cryptographic standards are ever evolving. It is the canonical game of security cat and mouse, with attacks rendering older standards ill-suited, and driving the community to develop newer and stronger…
A glimpse into GitHub’s Bug Bounty workflow
Last month, we announced the third anniversary of our Bug Bounty Program. While there's still time to disclose your findings through the program, we wanted to pull back the curtain…
Organize your experts with ad hoc teams
Many engineering organizations sort developers into teams like application engineering, platform engineering, web development, systems, and quality. Structuring organizations in this way can leave blind spots that exclude the people…
Adding Community & Safety checks to new features
With the continuous shipping nature at GitHub, it's easy for the most well-intentioned feature to accidentally become the vector of abuse and harassment. The Community & Safety engineering team focuses…
New and improved two-factor lockout recovery process
Starting January 31, 2017, the Delegated Account Recovery feature will let you associate your GitHub account with your Facebook account, giving you a way back into GitHub in certain two-factor…
New and improved two-factor lockout recovery process
The Recover Accounts Elsewhere feature lets you associate your GitHub account with your Facebook account. This will help us recover your account for certain two-factor authentication lockout scenarios. For example,…
GitHub’s post-CSP journey
Last year we shared some details on GitHub's CSP journey. A journey was a good way to describe it, as our usage of Content Security Policy (CSP) significantly changed from…
Bug Bounty anniversary promotion: bigger bounties in January and February
The GitHub Bug Bounty Program is turning three years old. To celebrate, we're offering bigger bounties for the most severe bugs found in January and February. The bigger the bug,…
Game Off IV Highlights
Last month, we challenged you to create a game based on the theme hacking, modding, and/or augmenting. For all those that submitted entries, thank you! A little holiday gift will…
GitHub Enterprise 2.8 is now available with code review, project management tools, and Jupyter notebook rendering
GitHub Enterprise 2.8 adds power and versatility directly into your workflow with Reviews for more streamlined code review and discussion, Projects to bring development-centric project management into GitHub, and Jupyter…
octocatalog-diff: GitHub’s Puppet development and testing tool
Today we are announcing the open source release of octocatalog-diff: GitHub's Puppet development and testing tool. GitHub uses Puppet to configure the infrastructure that powers GitHub.com, comprised of hundreds of…
A whole new GitHub Universe: announcing new tools, forums, and features
Today I welcomed more than 1,500 people to our second annual Universe conference in San Francisco, an event designed to celebrate the people building the future of software. It’s an…
Hands-on workshops and training sessions at Universe
GitHub Universe will kick off on Tuesday, September 13, with a fun-filled day of training organized into distinct tracks for GitHub power users and dev ops specialists. Reserve your spot…
Summer internships at GitHub in San Francisco
Applications are now open for summer internships at GitHub. Interns will spend nine weeks from June to August working out of our headquarters in San Francisco with teams in engineering,…
SYN Flood Mitigation with synsanity
GitHub hosts a wide range of user content, and like all large websites this often causes us to become a target of denial of service attacks. Around a year ago,…
CodeConf LA: Recap & Special Thanks
Last week, 300 open source enthusiasts gathered in Los Angeles for CodeConf LA, and more than 500 people tuned in from around the world via live stream. The event opened…
GitHub’s 2015 Transparency Report
Last year, we wrote up our 2014 Transparency Report, the first report of its kind we've been able to do. It's important to continue to update our community on the…
“Open source everything you can:” Advice from open source experts at CodeConf LA
On June 27-29, join us at the Avalon Theater in Los Angeles for CodeConf 2016, where experts in open source systems will take the stage to share projects, practices, and…