Reviewed advisories hit a four-year low, malware advisories surged, and CNA publishing grew—here’s what changed and what it means for your triage and response. Read Jonathan Evans's A year of open source vulnerability trends: CVEs, advisories, and malware https://lnkd.in/dGz5Yg5V
About us
- Website: https://securitylab.github.com
- Industry: Software Development
Updates
-
Software supply chain attacks are on the rise. Learn how open source contributors can use what GitHub Actions is building to help protect projects and the broader software community. https://lnkd.in/gc5fpBe3
-
At GitHub, we believe supporting open source means more than hosting code. It means investing in the people who maintain it, giving them the tools they need to succeed, and standing with them as the ecosystem evolves rapidly in the AI era. Open source maintainers deserve better support and security, and we’re listening and investing. https://lnkd.in/gJZPSUiq
-
GitHub Security Lab reposted this
How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework

Link to blog post: https://lnkd.in/eCufH4ZN

To run the tool:
1. Start a codespace on https://lnkd.in/eEjsmhN7
2. Wait a few minutes for the codespace to initialize
3. In the terminal, run ./scripts/audit/run_audit.sh myorg/myrepo

A GitHub Copilot license is required. You may be eligible for free access if you're a student, teacher, or maintainer: https://lnkd.in/eryTv8yW
-
Sign in with ANY password: How we used AI to break into a popular chat application, and other high-impact vulnerabilities. Read "How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework" https://lnkd.in/de-fz3-N
-
Hello hackers! Here are our February bug bounty stats! 🐛 200 bounty reports submitted 👩💻 144 hackers participated in our program 💰 Awarded $48,589 in bounties Found a vulnerability? Submit it here: https://t.co/HG2AqybW0p.
-
If you're at DeveloperWeek and you care about open source security, there is a session you must attend. The GitHub Security Lab has been contributing to secure open source for the past 6 years and Xavier René-Corail will share with you the lessons learned from this journey! How GitHub Secures Open Source, PRO stage, 1pm.
-
GitHub Security Lab reposted this
Who knows how to secure open source better than the maintainers themselves? 🛡️ In Session 3 of the GitHub Secure Open Source Fund, 67 more projects improved their defenses. From securing the AI stack to strengthening the global supply chain, find out how these maintainers are making security improvements that benefit the entire ecosystem. 👇 https://lnkd.in/eJWXj27q
-
Here are our January bug bounty stats! 🐛 182 bounty reports submitted 👩💻 112 hackers participated in our program 💰 Awarded $76,269 in bounties Found a vulnerability? Submit it here: https://t.co/HG2AqybW0p.