Security and code quality documentation
Build security and code quality into your GitHub workflow to secure your software supply chain, prevent data leaks, and automatically find and fix vulnerabilities and code health issues in your codebase.
Start here
Quickstart for securing your repository
Manage access to your code. Find and fix vulnerable code and dependencies automatically.
How-tos for push protection
Learn how to use GitHub's push protection.
Dependabot quickstart guide
Find and fix vulnerable dependencies you rely on with Dependabot.
Configuring default setup for code scanning
Quickly set up code scanning to find vulnerable code automatically.
Popular
Release notes
Detailed information for all releases of the currently selected version of GitHub Enterprise Server.
Best practices for preventing data leaks in your organization
Learn guidance and recommendations to help you avoid private or sensitive data present in your organization from being exposed.
Best practices for maintaining dependencies
Guidance and recommendations for maintaining the dependencies you use, including GitHub's security products that can help.
How-tos for detecting secret leaks
Learn how to use GitHub's tools to detect secret leaks.
Configuring default setup for code scanning
Quickly set up code scanning to find vulnerable code automatically.
Configuring Dependabot security updates
You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies.
Configuring Dependabot version updates
You can configure your repository so that Dependabot automatically updates the packages you use.
How-tos for security and code quality
- Secure at scale • 3 articles
- How-tos for securing secrets • 6 articles
- Scan code for vulnerabilities • 6 articles
- Securing your supply chain • 4 articles
- Managing security alerts • 4 articles
- How-tos for reporting and fixing vulnerabilities • 2 articles
- How-tos for viewing and interpreting security results • 4 articles