Brittany O'Shea

Posts by this author

Product View GitHub code scanning findings directly in VS Code and GitHub Codespaces

Developers can now view GitHub code scanning findings directly in VS Code and GitHub Codespaces. The new Microsoft SARIF Viewer extension gives developers direct access to their code scanning results, making remediating vulnerabilities easier than ever.

Brittany O'Shea, Niroshan RajaduraiOctober 11, 2022

product-news

Product
Detect secrets in your code more accurately with dry runs for custom patterns now available in GitHub Advanced Security
Learn how you can seamlessly define trusted custom secret patterns to detect secrets unique to your organization with GitHub Advanced Security.Brittany O'Shea, Mariam SulakianOctober 5, 2022
Learn more
Supply chain security
SCA vs SAST: what are they and which one is right for you?
We’re taking a look at two commonly-used security tools and detailing how they can help secure your projects.Brittany O'SheaSeptember 9, 2022
Learn more
Product
Dependabot now alerts for vulnerable GitHub Actions
GitHub Actions gives teams access to powerful, native CI/CD capabilities right next to their code hosted in GitHub. Starting today, GitHub will send a Dependabot alert for vulnerable GitHub Actions, making it even easier to stay up to date and fix security vulnerabilities in your actions workflows.Brittany O'Shea, Kate CatlinAugust 9, 2022
Learn more
Secure software development
All GitHub Enterprise users now have access to the security overview
Today, we’re expanding access to the GitHub security overview! All GitHub Enterprise customers now have access to the security overview, not just those with GitHub Advanced Security. Additionally, all users within an enterprise can now access the security overview, not just admins and security managers.Brittany O'Shea, Kelly ArwineAugust 8, 2022
Learn more
Supply chain security
Extend your dependency information in the GitHub Dependency Graph with new GitHub Actions
New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph.Jose Palafox, Brittany O'SheaJuly 1, 2022
Learn more
Company news
GitHub enables the development of functional safety applications by adding support for coding standards AUTOSAR C++ and CERT C++
GitHub is excited to announce the release of CodeQL queries that implement the standards CERT C++ and AUTOSAR C++. These queries can aid developers looking to demonstrate ISO 26262 Part 6 process compliance.Brittany O'SheaJune 20, 2022
Learn more
Application security
GitHub now publishes malware advisories in the GitHub Advisory Database
To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.Brittany O'Shea, Kate CatlinJune 15, 2022
Learn more
Supply chain security
How Dependabot empowers you to keep your projects secure
We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure.Brittany O'SheaApril 6, 2022
Learn more
Application security
Using GitHub’s security features to help identify Log4j exposure in your codebase
Use GitHub’s security features to assess Apache Log4j exposure and, where possible, mitigate this vulnerability within your GitHub repositories.Brittany O'SheaDecember 14, 2021
Learn more

Posts by this author

We do newsletters, too

Posts by this author