How we threat model
At GitHub, we spend a lot of time thinking about and building secure products—and one key facet of that is threat modeling. This practice involves bringing security and engineering teams together to discuss systems, ultimately
A software supply chain is anything that goes into or affects your code. Even though supply chain compromises are real and growing in popularity, they’re still extremely rare – and so the most important thing you can do to protect your supply chain is patch your vulnerabilities. Then, to successfully secure your software supply chain, you need to understand the dependencies in your environment, know about vulnerabilities in those dependencies, and quickly patch them. For Software Composition Analysis (SCA) capabilities native to GitHub, use Dependency Graph, Dependabot alerts, and Dependabot security and version updates to automate the hard work.
In August, we experienced no incidents resulting in service downtime. This month’s GitHub Availability Report will dive into updates to the GitHub Status Page and provide follow-up details on how we’ve addressed the incident
GitHub Container Registry introduces easy sharing across organizations, fine-grained permissions, and free, anonymous access for public container images
Register, vote, and volunteer to make an impact during the U.S. 2020 elections.
GitHub Actions gives you the power to automate your workflow. Connect with the tools you know and love. Have more freedom to innovate and be creative. Deploy to any cloud, build containers, automate messages, and
Integrating static analysis security testing into the developer workflow is hard. We discuss the challenges and how to overcome them
Last year, the Adacats (GitHub’s employee resource group for marginalized genders) started a mentorship program. We’re sharing insights and fun stories from this experience for anyone interested in starting a program of their own. The
GitHub recently upgraded to Ruby 2.7. Learn how the team approached the deprecation warnings, why upgrading is important, and the notable performance improvements.
This is a guest post by Rahul Chhabria, Director of Product Marketing at Sentry. At Sentry, we believe that code is the center of every experience and when code works, customers are happy. For consumers