GitHub is now PCI DSS v4.0 compliant with our 4.0 service provider attestation available to customers

GitHub’s Payment Card Industry Data Security Standard (PCI DSS) v4.0 service provider Attestation of Compliance (AoC) as well as the corresponding shared responsibility matrix has been completed. This report is the first time GitHub has provided a PCI DSS service provider report for our customers. This enables customers to meet their own PCI DSS compliance needs using GitHub as part of their development environment.

Going forward, GitHub intends to provide this attestation of compliance each year.

If you’re an Enterprise customer and need to obtain copies of GitHub’s AoC or Shared Responsibility Matrix, please reach out to your account manager.

MAY.7Improvement
Repository rulesets: User bypass and branch renaming
- Platform Governance
APR.16Improvement
Rule insights dashboard and unified filter bar
- Platform Governance
APR.9Improvement
New Low Quality option in the Hide comment menu
- Platform Governance
FEB.17Improvement
Custom properties and rule insights improvements
- Platform Governance
SEP.10Improvement
GitHub ruleset exemptions and repository insights updates
- Platform Governance
SEP.1Improvement
GraphQL API resource limits
- Platform Governance
JUL.21Improvement
Including timeouts in primary rate limits
- Platform Governance
APR.22Improvement
Updates to security configuration settings for customers in existing grace periods
- Platform Governance
APR.9Improvement
Push rule delegated bypass and custom property regex support are generally available and repository policy delegated bypass is in preview
- Platform Governance

GitHub is now PCI DSS v4.0 compliant with our 4.0 service provider attestation available to customers

Related Posts

Subscribe to our developer newsletter