@advanced-security

GitHub Advanced Security

Home of Advanced Security solutions that we can share with the world

Welcome to the GitHub Advanced Security Organisation! 👋

This organisation contains open source initiatives created by developers at GitHub (and around the world) to show the art of the possible with advanced security. 💻

GitHub Advanced Security consists of CodeQL, Code Scanning, Secret Scanning, Security Overview and Dependency Review. A core principle of each of these solutions is being automated and integrable via APIs and webhooks. In this organisation, you will find starter kits, actions, custom queries and bundles, scripts and full-blown solutions that show how you can integrate with GitHub Advanced Security (GHAS).

In comparison to the official GitHub organisation, a lot of the software you find here is developed on a best-effort basis. These are open-source solutions developed outside of core responsibilities, with the aim that you can leverage and consume them as you would any standard open-source software. 👐

We love contributions and feedback from you! So please feel free to open pull requests and issues! 💕

Welcome, and we hope you find what is here useful 🙇

Pinned

  1. secret-scanning-custom-patterns Public

    Examples of Custom Secret Scanning Patterns

    HTML 124 21

  2. maven-dependency-submission-action Public

    GitHub Action for submitting Maven dependencies

    TypeScript 45 22

  3. advanced-security-material Public

    Shell 64 23

  4. codeql-queries Public

    [Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead

    CodeQL 78 21

  5. codeql-coding-standards-bundle-releases Public

    CodeQL bundles containing the CodeQL Coding Standards queries

    4 3

  6. codeql-bundle-action Public

    Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations

    Shell 19 7

Repositories

Showing 10 of 85 repositories
  • ghas-reviewer-app Public

    GitHub Advanced Security Pull Request Security Team required review GitHub App

    Python 29 MIT 7 9 1 Updated Jul 6, 2024
  • ghas-mttr Public

    GitHub Advanced Security Mean Time to Remediate (MTTR)

    Python 1 MIT 3 3 0 Updated Jul 6, 2024
  • brew-dependency-submission-action Public

    Brew Lockfile Dependency Submission Action

    Python 3 MIT 4 1 0 Updated Jul 6, 2024
  • cocoapods-dependency-submission-action Public

    CocoaPods Lockfile Dependency Submission Action

    Python 4 MIT 3 0 0 Updated Jul 6, 2024
  • sarif-toolkit Public

    All things SARIF, as an Action

    Python 4 MIT 2 3 2 Updated Jul 6, 2024
  • secret-scanning-tools Public

    Testing Suite for GitHub Secret Scanning Custom Patterns

    Python 1 MIT 1 0 6 Updated Jul 6, 2024
  • dependabot-epss-action Public

    Action to detect if any open Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.

    PowerShell 1 MIT 2 2 0 Updated Jul 5, 2024
  • cbom-action Public

    Create a Crypto Bill of Materials using CodeQL

    Python 6 MIT 6 0 5 Updated Jul 5, 2024
  • reusable-workflows Public

    Advanced Security Reusable GitHub Actions Workflows

    0 MIT 2 3 1 Updated Jul 5, 2024
  • SARIF-viewer Public

    JetBrains IDE plugin for displaying SARIF from GHAS or from a local file

    Kotlin 8 MIT 2 3 2 Updated Jul 4, 2024
