Are you leading teams in a remote world? We are wrapping up our remote working series with some final tips on leading remote and distributed teams. We hope our teams have helped while we collectively work remotely from around the world.

GitHub provides the security capabilities to achieve Level 1 of the OWASP DevSecOps Maturity Model. In this post, we explore the principles of DSOMM Level 1 and how you can implement secret scanning, SCA, SAST and DAST using native tooling on GitHub.

GitHub Actions hosted virtual environments are a turn-key option for running your workflows. But if you need fine-grained control and customization of your environment, then self-hosted runners give you full control of the hardware, operating

Last month we introduced GitHub’s monthly availability report to address service disruptions and share our learnings with the community.

GitHub’s dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package by parsing manifest files, so that you can better manage the security and compliance of your dependencies.

Today GitHub Actions shipped a series of features designed to improve your workflows when working with PRs from repository forks. New settings for private repository forks Many GitHub customers choose to work in a forking

Today GitHub Actions shipped a series of features designed to improve your workflows when working with PRs from repository forks. New settings for private repository forks Many GitHub customers choose to work in a forking

We are happy to announce that GitHub is joining the Open Source Security Foundation (OpenSSF) as a founding member, alongside Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation, Red Hat, and others.

We are happy to announce that GitHub is joining the Open Source Security Foundation (OpenSSF) as a founding member, alongside Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation, Red Hat, and others.

As previously announced, beginning November 13th, 2020, we will no longer accept account passwords when authenticating with the REST API and will require the use of token-based authentication (e.g., a personal access, OAuth, or GitHub

Simon Bennetts is the OWASP Zed Attack Proxy (ZAP) Project Leader and a Distinguished Engineer at StackHawk, a company that uses ZAP to help users fix application security bugs before they hit production. Prior to making the move into security, he was a developer for 25 years and strongly believes that you can’t build secure web applications without knowing how to attack them.

In this post, hear from @stevemar, a Senior Technical Staff Member at IBM, about a new GitHub Starter Workflow for developers deploying containerized applications to IBM Cloud Kubernetes Service.  Here at IBM, we’re one of

We’re welcoming Malta and Cyprus to the GitHub Sponsors community. Check out this exciting news plus the latest from GitHub Sponsors.

The public roadmap is designed to give your team more information about what features and functionality you can expect from GitHub over the coming quarters.

The open source Git project just released Git 2.28 with features and bug fixes from over 58 contributors, 13 of them new. We last caught up with you on the latest in Git back when

Protect your team’s code with secure software development best practices like setting up SAML/SCIM integrations, enforcing policies to avoid code leakage, and more.

Last week, the Court of Justice of the European Union (CJEU) ruled the EU-US Privacy Shield, a mechanism governing personal data transfers from the EU to the US, is invalid due to concerns about US government access to

Keep dependencies up to date, to make sure you can quickly apply a patch when it really matters - when there’s a critical security vulnerability.

GitHub stores your source code, releases, and a vast amount of invaluable information in issues and pull requests. While GitHub Enterprise Server (GHES), our self hosted solution, provides great security by default, administrators can take additional steps to further harden their appliance. This post will guide you through the most important settings.

GitHub dependency insights helps both developers and security teams manage their open source security with confidence——automatically compiling relevant CVE information, aiding in OSS license compliance, and helping them better understand their OSS dependency versions.

At GitHub Universe 2019, we introduced the GitHub Archive Program along with the GitHub Arctic Code Vault. Our mission is to preserve open source software for future generations by storing your code in an archive built to last a thousand years.

We all play a role in securing the world’s code. No one company can solve things alone, including GitHub, which is why it is critical to combine the energies of teams, companies, and individuals that

Sales and Support leaders share advice and strategies to help you navigate a remote-first customer approach.

Securing the open source supply chain is critically important for developer communities and the entire software ecosystem. In recent years, the industry has seen an uptick in the adoption of open source components spurring new

What is the Availability Report? Historically, GitHub has published post-incident reviews for major incidents that impact service availability. Whether we’re sharing new investments to infrastructure or detailing site downtimes, our belief is that we can

The GitHub community is capable of incredible things and GitHub Actions is the tool. Do you want to automate your workflow, increase your productivity, and empower your developer experience? Then read on for inspiration. We’ve

ICYMI: docs.github.com is the new place to discover all of GitHub’s product documentation! We recently completed a major overhaul of GitHub’s documentation websites. When you visit docs.github.com today, you’ll see content from the former help.github.com

Last week, GitHub joined over 500 organizations signing a letter to the U.S. Congress seeking continued support for the Open Technology Fund (OTF) and its mission of funding open source tools for internet freedom. OTF

We know how important learning is to your success using GitHub. When you’re using our products, we hope you’ll feel confident and supported with the tools you need to keep growing in your journey. That’s

We know how important learning is to your success using GitHub. When you’re using our products, we hope you’ll feel confident and supported with the tools you need to keep growing in your journey. That’s

One year ago, the security research team at Semmle launched its first Capture the Flag (CTF), as part of the Hack In The Box (HITB) Amsterdam conference. We wanted to propose something different from the

The GitHub Workplace Experience team weighs in on how to get creative during COVID-19 and what the future holds.

GitHub Actions allows you to automate your workflow. With GitHub Actions, you can deploy to any cloud, build containers, automate messages, and do so much more. Use any tool you know and love, and have

GitHub Enterprise Server 2.21 is now available with updates to simplify collaboration, increase reliability and improve security.

GitHub Actions makes it easy to automate all your software workflows, from continuous integration and delivery to issue triage and more. Whether you want to build a container, deploy a web service, or automate welcoming

Student developers are the future of software. Their taste in tools, habits around code, what they are learning–all of these drivers will shape tech, and culture in general, for years to come. But for many

Now you can create custom workflow templates to promote best practices and consistency across your organization.

Setting up a new repository with all the right linters for the different types of code can be time consuming and tedious. So many tools and configurations to choose from and often more than one

Class of 2020, you did it! With schools turning to drive through diploma stops and recreating their campus in Minecraft, GitHub Education decided that celebrating this milestone for the next generation of developers would be

GitHub Actions allows you to automate your workflow. Connect with the tools you know and love, and have more freedom to innovate and be creative. With GitHub Actions, you can deploy to any cloud, build

We’re partnering with Hack Club to support the students behind Summer of Making, a new remote, student summer program. From building Arduino-powered robots to creating an open source game, we’re excited to see students channel their passions and build with the Hack Club community this summer.

We’ve given the GitHub Support Community a major upgrade with a number of benefits: built using open-source, great Markdown support, more responsive design, and so much more.
The post The GitHub Support Community has a new look and feel! appeared first on The GitHub Blog.

Saying thanks is now a core part of the Security Advisory workflow.
The post Giving credit for Security Advisories appeared first on The GitHub Blog.

Saying thanks is now a core part of the Security Advisory workflow.
The post Giving credit for Security Advisories appeared first on The GitHub Blog.

Learn about some new ways students can code in the browser. With online integrated development environments (IDEs), students can get right to work in a web browser, avoiding software conflicts that might happen on their local machines.
The post Code in the browser with GitHub Classroom appeared first on The GitHub Blog.

Now you can define secrets for an organization, making it easier to keep secrets synced across multiple repositories.
The post Keep your secrets synced across multiple repositories with organization secrets appeared first on The GitHub Blog.

We had multiple service interruptions in April that may have impacted your projects and businesses. We know how important reliability is for our users and have detailed an analysis on the disruptions.
The post April service disruptions analysis appeared first on The GitHub Blog.

GitHub parents share their tips for adapting during COVID-19 and working from home with kids.
The post Remote work: How parents are adapting and working during COVID-19 appeared first on The GitHub Blog.