GitHub for Beginners: Security best practices with GitHub Copilot
Learn how to leverage GitHub Copilot to make your code more secure.
Home / Security
Security
Seven years of open source: A more secure and diverse ecosystem
Explore insights into open source community growth, innovation, and inclusivity with an updated survey dataset.
Announcing GitHub Secure Open Source Fund: Help secure the open source ecosystem for everyone
Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.
Found means fixed: Introducing code scanning autofix, powered by GitHub Copilot and CodeQL
Now in public beta for GitHub Advanced Security customers, code scanning autofix helps developers remediate more than two-thirds of supported alerts with little or no editing.
Fixing security vulnerabilities with AI
A peek under the hood of GitHub Advanced Security code scanning autofix.
GitHub’s Engineering Fundamentals program: How we deliver on availability, security, and accessibility
The Fundamentals program has helped us address tech debt, improve reliability, and enhance observability of our engineering systems.
Default setup now includes scheduled scans and supports all languages covered by CodeQL
We’ve added new improvements to default setup, including automatically scheduling scans on repositories and support for all CodeQL covered languages.
Universe 2023: Copilot transforms GitHub into the AI-powered developer platform
GitHub is announcing general availability of GitHub Copilot Chat and previews of the new GitHub Copilot Enterprise offering, new AI-powered security features, and the GitHub Copilot Partner Program.
Your curated GitHub Universe agenda: AI, ethics, and productivity
Gain actionable insights about the intersection of AI and human skills, while tackling ethics, accessibility, and productivity at these GitHub Universe sessions.
Your ultimate guide to the GitHub Universe ‘23 agenda
Get a sneak peek into the must-attend sessions, speakers, workshops, and GitHub certifications available at our global developer event.
Introducing auto-triage rules for Dependabot
Make quick work of alerts with preset and custom rules.
Hardening repositories against credential theft
Some best practices and important defenses to prevent common attacks against GitHub Actions that are enabled by stolen personal access tokens, compromised accounts, or compromised GitHub sessions.
Nine years of the GitHub Security Bug Bounty program
It was another record year for our Security Bug Bounty program! We’re excited to highlight some achievements we’ve made together with the bounty community in 2022!
3 ways to meet compliance needs without slowing down agility
Learn how to enable developer productivity and collaboration while staying secure and compliant. Stay compliant without slowing down your business. From security to CI/CD, automate every step of your software workflow—so your developers can stay focused on what matters most: building.
New npm features for secure publishing and safe consumption
Now you can create tokens with fine-grained permissions for automating your publishing and organization management workflows. And a new code explorer allows you to view content of a package directly in the npm portal.
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
