Skip to content

Security

See all topics
The ReadME Project
Naveen Srinivasan & Brian Russell

Naveen Srinivasan & Brian Russell // OpenSSF

In Scorecard we trust

How to strengthen your software supply chain security, improve best practices, and build trust in your projects.

Ayden Férdeline

Ayden Férdeline

Privacy engineering: 8 tips to mitigate risks and secure your data

Understand what can go wrong and how to protect against the most likely scenarios.

Justin Trugman & Babitha Singh

Justin Trugman & Babitha Singh // Caregility

Incorporating security in Enterprise DevOps workflows

How Caregility prepared for third-party security audits with GitHub Advanced Security.

Justin Watts

Justin Watts // Telus

Shift security left in one day

It’s getting easier and more intuitive to catch mistakes before they spiral into disasters.

Lisa Tagliaferri, PhD

Lisa Tagliaferri, PhD // Chainguard

Implementing software security in open source

How to automate security and build confidence in your code.

Jonathan Leitschuh

Jonathan Leitschuh

The thrill of open source security

Jonathan finds broken things and fixes them to make the world a more secure place.

Feross Aboukhadijeh

Feross Aboukhadijeh

There are no warranties on open source

Feross on building OSS building blocks, rewriting the rules, and releasing obligations.

John Allspaw

John Allspaw // Adaptive Capacity Labs

What we talk about when we talk about ‘root cause’

It’s a lot more nuanced than you might think.

Featured Article

Featured Article

How Rust developers are making the web safer

The Rust programming language makes it easier to build safer software. What will it take to Rust All the Things?

Kevin Riggle

Kevin Riggle

How to write an internal production failure incident communication

What do you say when the system is down?

Featured Article

Featured Article

How InfoSec pros keep open source safe—and how you can help

Security pros talk about what keeps them up at night—and what they’re doing about it.

About The
ReadME Project

Coding is usually seen as a solitary activity, but it’s actually the world’s largest community effort led by open source maintainers, contributors, and teams. These unsung heroes put in long hours to build software, fix issues, field questions, and manage communities.

The ReadME Project is part of GitHub’s ongoing effort to amplify the voices of the developer community. It’s an evolving space to engage with the community and explore the stories, challenges, technology, and culture that surround the world of open source.

Follow us:

Nominate a developer

Nominate inspiring developers and projects you think we should feature in The ReadME Project.

Support the community

Recognize developers working behind the scenes and help open source projects get the resources they need.