GitHub Advanced Security

Home of Advanced Security solutions that we can share with the world

United States of America

Pinned Repositories

advanced-security-material
Language:Shell74 5 525
codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
Language:Shell27 1 36
codeql-coding-standards-bundle-releases
CodeQL bundles containing the CodeQL Coding Standards queries
6 2 03
codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
Language:CodeQL47 2 186
codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
Language:CodeQL82 1 020
gh-sbom
Generate SBOMs with gh CLI
Language:Go179 4 1813
GSSAR
GitHub Secret Scanning Auto Remediator (GSSAR)
Language:TypeScript46 4 411
maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
Language:TypeScript49 6 4525
policy-as-code
GitHub Advanced Security Policy as Code
Language:Python82 4 3419
secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
Language:HTML164 8 2027

GitHub Advanced Security's Repositories

advanced-security/secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
Language:HTML164 8 2027
advanced-security/policy-as-code
GitHub Advanced Security Policy as Code
Language:Python82 4 3419
advanced-security/codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
Language:CodeQL47 2 186
advanced-security/ghas-reviewer-app
GitHub Advanced Security Pull Request Security Team required review GitHub App
Language:Python35 5 1010
advanced-security/awesome-codeql
A curated list of awesome CodeQL resources.
34 2 02
advanced-security/probot-security-alerts
Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
Language:TypeScript23 1 1012
advanced-security/sample-codeql-pipeline-config
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
19 1 011
advanced-security/generate-sbom-action
An Action to wrap creating an SBOM via REST API
Language:TypeScript18 2 14
advanced-security/component-detection-dependency-submission-action
Language:TypeScript17 1 96
advanced-security/sbom-generator-action
Language:JavaScript16 4 55
advanced-security/secret-scanning-review-action
Action to detect if a secret is initially detected in a pull request
Language:Python16 2 113
advanced-security/ghas-license-utilization
Optimize the utilization of GHAS licenses in an enterprise (or organization)
Language:Python15 6 02
advanced-security/spdx-dependency-submission-action
upload an SPDX 2.2 formatted SBOM to GitHub's dependency submission API
Language:JavaScript12 2 64
advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
Language:Java11 3 16
advanced-security/codeql-bundle
CLI to build a custom CodeQL bundle
Language:Python10 1 34
advanced-security/ghas-bootcamp
Language:Java10 2 03
advanced-security/monorepo-code-scanning-action
Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
Language:JavaScript9 1 11
advanced-security/SARIF-viewer
JetBrains IDE plugin for displaying SARIF from GHAS or from a local file
Language:Kotlin9 2 153
advanced-security/codeql-development-toolkit
The CodeQL Development toolkit is a tool for making common CodeQL development workflows easier.
Language:C#8 2 92
advanced-security/ghas-workshop
Language:Java8 1 111
advanced-security/codeql-summarize
CodeQL Summary Generator
Language:Python7 2 172
advanced-security/ghe-cross-instance-committers
A script which will return the total number of unique de-deuped active committers across multiple GHES instances
Language:TypeScript6 1 24
advanced-security/codeql-sap-js
CodeQL models for SAP JavaScript frameworks CAP, UI5 and XSJS
Language:CodeQL51
advanced-security/reusable-workflows
Advanced Security Reusable GitHub Actions Workflows
3 3 74
advanced-security/gh-ghas-audit
GitHub CLI extension to audit GHAS and code scanning setup for one or more organizations and repositories.
Language:Go2
advanced-security/codeql_container_example
This repository serves as an exemplary resource demonstrating how to set up CodeQL to scan containerized applications for vulnerabilities. Its primary objective is to showcase the implementation of CodeQL in the code scanning process.
Language:TypeScript1 7 02
advanced-security/ghas-seat-projection
GitHub Action to get information of assess how many seats enablement of GHAS will consume when enabled on a repository
Language:JavaScript11
advanced-security/python-lint-code-scanning-action
Lint and type check Python with your choice of popular linters, and upload results to GitHub Code Scanning
Language:Python0 1 63
advanced-security/conda-dependency-submission-action
Language:TypeScript1 13
advanced-security/sample-javascript-monorepo
Language:TypeScript0 0