Blue-teaming for Exiv2: creating a security advisory process
This blog post is the first in a series about hardening the security of the Exiv2 project. My goal is to share tips that will help you harden the security of your own project.
Tag
compliance
GitHub Actions for security and compliance
GitHub Actions can automate several common security and compliance tasks, even if your CI/CD pipeline is managed by another tool.
Audit log streaming is now in public beta
If you're a GitHub Enterprise Cloud customer, you can now set up a stream of audit log and Git events to Splunk or an Azure Event Hub.