Write more secure code with the OWASP Top 10 Proactive Controls
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.
This lesser-known OWASP project aims to help developers prevent vulnerabilities from being introduced in the first place.
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow.
The end of the year is getting closer, and our communities are busy working away on their projects. While you’ve all been busy maintaining open source projects and shipping releases, we’ve created a new open
In November, we experienced one incident resulting in significant impact and degraded state of availability for multiple services.
You can multiply the impact of your domain experts by building their common workflows into ChatOps.
Are you a student in India? Applications are open for the GitHub Externships Winter Cohort!
From learning YAML to scripting with Bash, here are a few simple tips for developers who want to speed up their workflows.
DRY your Actions configuration with reusable workflows (and more!)
GitHub Actions now supports OpenID Connect for secure deployment to different cloud providers via short-lived, auto-rotated tokens.
OSS-Fuzz is Google’s awesome fuzzing service for open source projects. GitHub Security Lab’s @kevinbackhouse describes enrolling a project.