skip to content
Back to
Home Bounties Research Advisories Get Involved Events

November 02, 2022

EkoParty 2022: Enter the metaverse

Conference — Buenos Aires, Argentina

The GitHub Security Lab is proud to sponsor EkoParty 2022, the 18th edition of EkoParty’s conference, and to contribute to the Capture the Flag competition. Come visit us at the GitHub booth, and visit the resources below to learn more about how to get involved!

Help secure the GitHub platform

With 83 millions developers, GitHub is the the complete developer platform to build, scale, and deliver secure software. Now in its eighth year, GitHub’s bug bounty program makes GitHub’s products and users more secure and has paid out over $1.5 million to researchers since 2016. Check out some of the blog posts we’ve published about this journey and help us by submitting a bug or two!

Help secure open source projects

GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on. With 200 vulnerabilities - 100 CVEs - disclosed every year, we foster a better collaboration between researchers and maintainers. And with more than $350,000 paid in 3 years to security researchers for writing CodeQL queries, we leverage the collective knowledge of the community to drive security results at scale.

Enterprises and open source maintainers: Ship secure products with GitHub Advanced Security

GitHub Advanced Security helps you find and fix security vulnerabilities in your code, before they can be exploited. It’s the only solution that combines code scanning, secret scanning, and dependency scanning in one place.

Learn to ship software like a pro

There’s no substitute for hands-on experience. But for most students, real world tools can be cost-prohibitive. That’s why we created the GitHub Student Developer Pack with some of our partners and friends. It’s packed with offers and discounts from the best developer tools in the business, so students can learn by doing, building, and shipping real software.

Further reading

Eight years of the GitHub Security Bug Bounty program
Highlighting some achievements we’ve made together with the bounty community from 2021!
Jill Moné-Corallo
May 23, 2022
Corrupting memory without memory corruption
In this post I’ll exploit CVE-2022-20186, a vulnerability in the Arm Mali GPU kernel driver and gain arbitrary kernel memory access from an untrusted app on a Pixel 6
Man Yue Mo
July 27, 2022
Keeping your GitHub Actions and workflows secure
Discussing some real-world examples of common security malpractices for GitHub Actions and workflows, and how to best avoid them.
Jaroslav Lobacevski
December 15, 2020
View event site
← Back to all events

To keep this community open and welcoming, please read our Code of Conduct.