Search results for: Security

The public roadmap is designed to give your team more information about what features and functionality you can expect from GitHub over the coming quarters.

Protect your team’s code with secure software development best practices like setting up SAML/SCIM integrations, enforcing policies to avoid code leakage, and more.

Last week, the Court of Justice of the European Union (CJEU) ruled the EU-US Privacy Shield, a mechanism governing personal data transfers from the EU to the US, is invalid due to concerns…

Keep dependencies up to date, to make sure you can quickly apply a patch when it really matters – when there’s a critical security vulnerability.

Our Secret Scanning program adds five new partners

GitHub stores your source code, releases, and a vast amount of invaluable information in issues and pull requests. While GitHub Enterprise Server (GHES), our self hosted solution, provides great security by default, administrators can take additional steps to further harden their appliance. This post will guide you through the most important settings.

GitHub dependency insights helps both developers and security teams manage their open source security with confidence—automatically compiling relevant CVE information, aiding in OSS license compliance, and helping them better understand their OSS dependency versions.

We all play a role in securing the world’s code. No one company can solve things alone, including GitHub, which is why it is critical to combine the energies of…

Securing the open source supply chain is critically important for developer communities and the entire software ecosystem. In recent years, the industry has seen an uptick in the adoption of…

Using open source static analysis tools with code scanning

Authentication is a critical component to your daily development. When working in open source, you need to prove that you have rights to update a branch with git push. Additionally…

Last week, GitHub joined over 500 organizations signing a letter to the U.S. Congress seeking continued support for the Open Technology Fund (OTF) and its mission of funding open source…

The GitHub Workplace Experience team weighs in on how to get creative during COVID-19 and what the future holds.

GitHub Actions allows you to automate your workflow. With GitHub Actions, you can deploy to any cloud, build containers, automate messages, and do so much more. Use any tool you…

GitHub Enterprise Server 2.21

GitHub Enterprise Server 2.21 is now available with updates to simplify collaboration, increase reliability and improve security.

Keep all your packages up to date with Dependabot

Keeping your dependencies updated is one of the easiest ways to keep the software you build secure. However, while it’s critically important to keep your dependencies updated, in a recent…

Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.

Join our Capture the Flag challenge to use your CodeQL skills or learn new ones.

See what we announced at our first virtual GitHub Satellite including a full dev environment on GitHub powered by VS Code, a new way to have discussions with your communities, new ways to secure projects with code scanning and secret scanning, and more.