Home / Security

Security

Resources for securing your supply chain, building more secure applications, and staying up-to-date with the latest vulnerability research. Get comprehensive insights into the latest security trends, vulnerabilities, and best practices to safeguard software projects—and news from the GitHub Security Lab. Learn about various aspects of application security, such as threat modeling, secure coding techniques, vulnerability assessments, and the importance of regular security testing. 

Also, learn more about the tools and features available on GitHub to help manage and improve the security of your codebases. This includes information on GitHub’s security alerts, code scanning, secret scanning, and dependency management features, which are designed to detect and mitigate vulnerabilities early in the development process. And if you want to get more technical, you can head over to our documentation on code security on GitHub to find out how to keep your code and applications safe.

Featured

We do newsletters, too

Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.

Latest

Securing millions of developers through 2FA

We’ve dramatically increased 2FA adoption on GitHub as part of our responsibility to make the software ecosystem more secure. Read on to learn how we secured millions of developers and why we’re urging more organizations to join us in these efforts.

Gaining kernel code execution on an MTE-enabled Pixel 8

In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that allows a malicious app to gain arbitrary kernel code execution and root on an Android phone. I’ll show how this vulnerability can be exploited even when Memory Tagging Extension (MTE), a powerful mitigation, is enabled on the device.

The world's largest developer platform

Docs

Docs

Everything you need to master GitHub, all in one place.

GitHub

GitHub

Build what’s next on GitHub, the place for anyone from anywhere to build anything.

Customer stories

Customer stories

Meet the companies and engineering teams that build with GitHub.

GitHub Universe 2024

GitHub Universe 2024

Get tickets to the 10th anniversary of our global developer event on AI, DevEx, and security.