Open Source Community
Secure code education, hands-on AppSec training, and specialized support. Free for open source developers, maintainers, and security researchers.
For Developers
Learn secure coding patterns
The Secure Code Game is an open source, in-repo, learning experience for developers, to build a secure coding mindset while having fun.
How do I start securing my project?
Enable, with just a few clicks, and for free, GitHub's security tools that will help you write secure code, prevent secret leaks, scan your dependencies for security vulnerabilities, and globally keep your users safe.
For Security Researchers
Latest articles
See all articlesCodeQL
We find hundreds of vulnerabilities in open source thanks to CodeQL
New to CodeQL? Learn how you can apply static analysis to security vulnerability research.
Want to play a game? We created several “Capture the Flag” based on CodeQL, to help you make your first step.
Security Advisories
Request a CVE ID
If you want a CVE identification number for a security vulnerability in your project, you can request the CVE ID from GitHub. GitHub usually reviews the request within 72 hours, and will take care of curating and publishing the CVE record after your repository advisory is published.
Contribute to a Security Advisory
Our team of security researchers continuously review new security information to ensure our data is the best there is, and this includes additional insights provided by the global community of subject-matter experts. You can help make this data better by contributing your expertise back to it!