Build what's next on GitHub, the place for anyone from anywhere to build anything.
Join us October 28-29 in San Francisco or online for GitHub Universe, our flagship developer event uniting people, agents, and the world's code.
Focus on the essential practices and strategies for securing web applications. Get guidance on identifying, mitigating, and preventing common web vulnerabilities such as cross-site scripting (XSS), SQL injection, cross-site request forgery (CSRF), and more.
The new Code Security Risk Assessment gives you a one-click view of vulnerabilities across your organization, at no cost.
For this year’s Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to put the spotlight on a talented security researcher—André Storfjord Kristiansen!
For this year’s Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to feature another spotlight on a talented security researcher — @xiridium!
When a chat conversation is poisoned by indirect prompt injection, it can result in the exposure of GitHub tokens, confidential files, or even the execution of arbitrary code without the user’s explicit consent. In this blog post, we’ll explain which VS Code features may reduce these risks.
Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.
Maintaining and developing complex and risky code is never easy. See how we addressed the challenges of securing our SAML implementation with this behind-the-scenes look at building trust in our systems.
Practical tips on how to apply OWASP Top 10 Proactive Control C4.
A deep dive into how GitHub adds support for new languages to CodeQL.
