Apr MAY Jun
21
2024 2025 2026
success
fail

About this capture

COLLECTED BY

Collection: Save Page Now

TIMESTAMPS

The Wayback Machine - http://web.archive.org/web/20250521084913/https://github.com/security
  

Skip to content  

Navigation Menu

 






Sign in  












GitHub Copilot  
 Write better code with AI  


GitHub Models   New  
Manage and compare prompts  


GitHub Advanced Security  
 Find and fix vulnerabilities  


Actions  
 Automate any workflow  


Codespaces  
 Instant dev environments  








Issues  
 Plan and track work  


Code Review  
 Manage code changes  


Discussions  
 Collaborate outside of code  


Code Search  
 Find more, search less  




Explore  

Why GitHub  

All features  

Documentation  

GitHub Skills  

Blog  









By company size  

Enterprises  

Small and medium teams  

Startups  

Nonprofits  



By use case  

DevSecOps  

DevOps  

CI/CD  

View all use cases  





By industry  

Healthcare  

Financial services  

Manufacturing  

Government  

View all industries  




View all solutions  






Topics  

AI
DevOps  

Security  

Software Development  

View all  





Explore  

Learning Pathways  

Events & Webinars  

Ebooks & Whitepapers  

Customer Stories  

Partners  

Executive Insights  













GitHub Sponsors  
 Fund open source developers  






The ReadME Project  
 GitHub community articles  


Repositories  

Topics  

Trending  

Collections  













Enterprise platform  
 AI-powered developer platform  


Available add-ons  



GitHub Advanced Security  
 Enterprise-grade security features  


Copilot for business  
 Enterprise-grade AI features  


Premium Support  
 Enterprise-grade 24/7 support  





Pricing
 


Search or jump to...  

Search code, repositories, users, issues, pull requests...




Clear

Search syntax tips 










Provide feedback  







We read every piece of feedback, and take your input very seriously.


 
 


Saved searches  

Use saved searches to filter your results more quickly

 





To see all available qualifiers, see our documentation.






 
 

Sign in  
Sign up    



You signed in with another tab or window. Reload to refresh your session.  You signed out in another tab or window. Reload to refresh your session.  You switched accounts on another tab or window. Reload to refresh your session.  Dismiss alert  







{{ message }}
  



  • Code Security
  • Supply Chain Security
  • Plans & pricing
    • GitHub Security

    Powerful security, designed for developers

    Request a demoSee plans & pricing

    Get enterprise-grade, built-in application security.


    Explore GitHub Advanced Security

    Find out how platform security strengthens your workflow.


    Read about platform security

    GitHub’s API stays secure with ISO, SOC 2, and GDPR.


    Visit the Trust Center

    Join the companies that secure their code with GitHub

    HashicorpMercado Libre3MLinkedInOtto GroupTelusKPMGCarlseberg Group

    Security seamlessly
    integrated into your workflow

    Prevent accidental secret exposure

    The image shows a terminal command and error message on a gradient blue background. The command is attempting to push code to a Git repository. The text reads: → ~/my_project git:(branch_name) git push remote: error GH009: Secrets detected! This push failed.

    Push protection automatically blocks secrets before they reach your repository, keeping code clean without disrupting workflows.

    Explore GitHub Secret Protection

    Find and fix vulnerabilities in your code

    The image displays a code snippet with an AI-suggested fix. The code is written in JavaScript and is shown on a blue gradient background. The original line of code, highlighted in red, reads: res.send('Hello ${req.query.name}!');. The AI-suggested fix, highlighted in green, reads: res.send('Hello ${escape(req.query.name)}!');. This change suggests using the escape function to sanitize the user input from req.query.name before sending it as part of the response.

    Address security debt in your GitHub workflow with static analysis, AI remediation, and proactive vulnerability management.

    Explore GitHub Code Security

    Securing the entire
    software supply chain

    Enhance your security strategy with the GitHub Security Lab

    Learn how the lab helps secure open source by finding vulnerabilities, building tools like CodeQL, and advancing security research.

    Visit the GitHub Security Lab

    Stay ahead of threats with the Security Advisory Database

    Access a security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

    Visit the GitHub Security Database

    GitHub’s supply chain security reduces open source risks with auto-updates, dependency tracking, and build attestation.

    Learn more about supply chain security
    The image displays a list of open and closed security issues in a software project management tool. There are 65 open issues and 12 closed issues. The list includes various vulnerabilities such as "axios Requests Vulnerable to Possible SSRF and Credential Leak," "body-parser vulnerable to denial of service when url encoding," "Express.js Open Redirect in malformed URLs," "Axios Cross-Site Request Forgery Vulnerability," "Axios vulnerable to Server-Side Request Forgery," and "Potential XSS vulnerability in jQuery." Each issue entry includes the date it was opened, the package affected (e.g., axios, body-parser, Express.js), and labels such as 'Moderate' or 'Direct'.
    GitHub Advanced Security empowers our developers to detect and fix vulnerabilities earlier, accelerating our time to market and boosting developer satisfaction.

    SAP logo

    Michael SpindlerHead of development services and tools at SAP

    Adopted by the world's leading organizations

    Otto Group elevates developer engagement with GitHub Advanced Security

    The image shows a modern office building with a large sign on the top that reads "OTTO" in red letters. The building has multiple floors with large glass windows and some greenery, including trees, on the rooftop. The sky is clear with some clouds, providing a bright and pleasant backdrop. This image is interesting as it depicts the headquarters of a company named OTTO, showcasing its contemporary architecture and environmentally friendly design elements such as rooftop greenery.
    Read customer story

    SPH Media tames tool sprawl and secures code with GitHub

    The image shows the reception area of SPH Media, a media company. The reception desk is positioned against a wall with the company's logo "sph media" prominently displayed above it in blue letters. Below the logo, the word "Reception" is written in smaller blue letters. Several people are walking past the reception area, and one person is standing near the desk. The floor is reflective, and there are colorful panels on the left wall of the hallway leading to this area.
    Read customer story

    Postmates uses GitHub Advanced Security to catch vulnerabilities

    The image shows two individuals seated at a white desk, each working on a laptop. The person on the left has long blonde hair and is wearing a black hoodie, while the person on the right has long dark hair and is wearing a blue shirt. Both laptops have stickers on them. Behind them, there is a large logo of "Postmates" with an image of a person riding a bicycle and stars trailing behind.
    Read customer story

    Built-in security for developer workflows

    Request a demoSee plans & pricing

    Resources to get started

    Discover developer-first security

    Take an in-depth look at the current state of application security.

    View the webinar

    Explore the DevSecOps guide

    Learn how to write more secure code from the start with DevSecOps.

    Read the whitepaper

    Avoid AppSec pitfalls

    Explore common application security pitfalls and how to avoid them.

    Read the whitepaper

    Site-wide Links



    Subscribe to our developer newsletter


    Get tips, technical guides, and best practices. Twice a month.
       Subscribe