The latest blogs from GitHub

The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition!

When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let’s explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.

Developers care about security, but poorly integrated tools and other factors can cause frustration. Here are five best practices to reduce friction.

GitHub SDKs: software generated meets hand curated.

All GitHub Copilot users can now enjoy natural language-powered coding with Copilot Chat at no additional cost.

As the year winds down, we’re highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers.

Take CODEOWNERS and GitHub teams to the next level. Learn about how GitHub engineering solves the age old problem of who owns what.

Read a round-up of the exciting, new innovation coming from GitHub Enterprise.

Hacktoberfest has wrapped up, GitHub Universe has come to a close, and our community has been super hard at work. All the while people enjoyed turkey over Thanksgiving in the…

Learn about how we run a scalable vulnerability management program built on top of GitHub.

In November, we experienced one incident that resulted in degraded performance across GitHub services.

This blog post describes two linked vulnerabilities found in Frigate, an AI-powered security camera manager, that could have enabled an attacker to silently gain remote code execution.

We’ve added new improvements to default setup, including automatically scheduling scans on repositories and support for all CodeQL covered languages.

GitHub uses MySQL to store vast amounts of relational data. This is the story of how we seamlessly upgraded our production fleet to MySQL 8.0.

Read a roundup of the exciting, new innovation coming from GitHub Actions.

Discover the latest trends and insights on public software development activity on GitHub with the release of Q2 2023 data for the Innovation Graph.

Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution.

Learn how we’re experimenting with generative AI models to extend GitHub Copilot across the developer lifecycle.

Customers using GitHub Enterprise Server can gain more insight and understanding into the security of their code.

Learn how researchers and security experts at GitHub, Microsoft, and Santander came together to address the challenges presented by the post-quantum cryptography world.

If you’re on the hunt for the perfect holiday gifts for the developer who has it all, look no further. We’ve curated a list of 10 must-have items (plus a few more) that strike the perfect balance between practicality and style.