How exposed is your code? Find out in minutes—for free
… The Code Security Risk Assessment is available to GitHub organization admins and security managers. …
Search
Code-to-cloud risk visibility with Microsoft Defender for Cloud is now generally available - GitHub Changelog
… Jun.17 Improvement Secret scanning updates – June 2026 application security Jun.16 Release GitHub Code Quality generally available July 20, 2026 application security platform governance Jun.16 Release Organization-level enablement for GitHub Code Quality application security enterprise management t…
GitHub expands application security coverage with AI‑powered detections
… Bringing expanded security coverage into pull requests Pull requests are where developers already review and approve changes, making them the most effective place to surface security risks early. …
Type: New Releases - GitHub Changelog
Back to blog All New Releases Improvements Retired Filters 0 selected May.14 Release Team-level Copilot usage metrics now available via API account management copilot enterprise management tools May.14 Release GitHub Copilot app is now available in technical preview client apps copilot May.13 Relea…
Top stories
Security-related product updates - GitHub Blog
… Community-powered security with AI: an open source framework for security research Announcing GitHub Security Lab Taskflow Agent, an open source and collaborative framework for security research with AI. …
Investigating unauthorized access to GitHub-owned repositories
… Alexis has 20 years of experience defending critical national and private sector networks, spanning positions with the Department of Defense and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency CISA . …
Dependabot alerts are now assignable to AI agents for remediation - GitHub Changelog
… May.26 Release Dependabot version updates now support the sbt ecosystem supply chain security May.22 Release Staged publishing and new install-time controls for npm supply chain security May.19 Retired Upcoming deprecation of Python 3.9 for Dependabot supply chain security May.19 Improvement Expand…
Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game
… They can browse the web, call APIs, coordinate with other agents, and act on your behalf. Why agentic AI security matters right now The timing is not a coincidence. AI agents have moved from research prototypes to production tools at remarkable speed, and the security community is racing to keep up. …
Secret scanning in AI coding agents via the GitHub MCP Server - GitHub Changelog
… May.12 Improvement CodeQL 2.25.4 adds Swift 6.3.1 support, improvements to C and Java, and more application security May.08 Improvement CodeQL 2.25.3 adds Swift 6.3 support application security May.05 Release Secret scanning with GitHub MCP Server is now generally available application security May…
Optionally skip approval for Copilot coding agent Actions workflows - GitHub Changelog
… This helps protect you from security risks, given that GitHub Actions workflows may have access to tokens, secrets, or repository permissions, depending on your configuration. …