GitHub Advanced Security
Home of Advanced Security solutions that we can share with the world
United States of America
Pinned Repositories
advanced-security-material
codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
codeql-coding-standards-bundle-releases
CodeQL bundles containing the CodeQL Coding Standards queries
codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
gh-sbom
Generate SBOMs with gh CLI
GSSAR
GitHub Secret Scanning Auto Remediator (GSSAR)
maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
policy-as-code
GitHub Advanced Security Policy as Code
secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
GitHub Advanced Security's Repositories
advanced-security/secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
advanced-security/advanced-security-material
advanced-security/policy-as-code
GitHub Advanced Security Policy as Code
advanced-security/maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
advanced-security/codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
advanced-security/ghas-to-csv
Play with GHAS API to provide posture data over time
advanced-security/ghas-reviewer-app
GitHub Advanced Security Pull Request Security Team required review GitHub App
advanced-security/probot-security-alerts
Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
advanced-security/enterprise-security-team
Manage a uniform team of security managers for every organization in your enterprise
advanced-security/generate-sbom-action
An Action to wrap creating an SBOM via REST API
advanced-security/sample-codeql-pipeline-config
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
advanced-security/spdx-dependency-submission-action
advanced-security/codeql-workshops-staging
Original workshops and staging area for new ones
advanced-security/demo-python
GitHub Advanced Security Python Demo Application
advanced-security/component-detection-dependency-submission-action
advanced-security/demo-java
GitHub Advanced Security scanning tutorial repository for Java
advanced-security/grab_ql
Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension
advanced-security/SARIF-viewer
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
advanced-security/cbom-action
Create a Crypto Bill of Materials using CodeQL
advanced-security/codeql-summarize
CodeQL Summary Generator
advanced-security/ghe-cross-instance-committers
A script which will return the total number of unique de-duped active committers across multiple GHES instances
advanced-security/codeql-sarif-security-standard-annotator
Compare a CodeQL SARIF results file to a security standard CWE list and annotate the SARIF rules with a tag to highlight results applicable to the security standard
advanced-security/cocoapods-dependency-submission-action
CocoaPods Lockfile Dependency Submission Action
advanced-security/sarif-toolkit
All things SARIF, as an Action
advanced-security/brew-dependency-submission-action
Brew Lockfile Dependency Submission Action
advanced-security/dependabot-epss-action
Action to detect if any open Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.
advanced-security/ghas-mttr
GitHub Advanced Security Mean Time to Remediate (MTTR)
advanced-security/secret-scanning-tools
Testing Suite for GitHub Secret Scanning Custom Patterns
advanced-security/conan-dependency-submission
Conan Dependency Submission to GitHub
advanced-security/reusable-workflows
Advanced Security Reusable GitHub Actions Workflows