GitHub Advanced Security
Home of Advanced Security solutions that we can share with the world
United States of America
Pinned Repositories
advanced-security-material
codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
codeql-coding-standards-bundle-releases
CodeQL bundles containing the CodeQL Coding Standards queries
codeql-extractor-iac
CodeQL Extractor, Library, and Queries for Infrastructure as Code
codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
gh-sbom
Generate SBOMs with gh CLI
GSSAR
GitHub Secret Scanning Auto Remediator (GSSAR)
maven-dependency-submission-action
GitHub Action for submitting Maven dependencies
policy-as-code
GitHub Advanced Security Policy as Code
secret-scanning-custom-patterns
Examples of Custom Secret Scanning Patterns
GitHub Advanced Security's Repositories
advanced-security/gh-sbom
Generate SBOMs with gh CLI
advanced-security/codeql-queries
[Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instead
advanced-security/filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id
advanced-security/codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
advanced-security/gh-codeql-scan
GH CLI CodeQL Scan Extension
advanced-security/awesome-codeql
A curated list of awesome CodeQL resources.
advanced-security/demo-csharp
GitHub Advanced Security C# Demo Application
advanced-security/sbom-generator-action
advanced-security/ghas-license-utilization
Optimize the utilization of GHAS licenses in an enterprise (or organization)
advanced-security/secret-scanning-review-action
Action to detect if a secret is initially detected in a PR commit
advanced-security/set-codeql-language-matrix
Automatically set the CodeQL matrix job using the languages in your repository.
advanced-security/codeql-development-toolkit
The CodeQL Development Toolkit is a tool for making common CodeQL development workflows easier.
advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
advanced-security/codeql-bundle
CLI to build a custom CodeQL bundle
advanced-security/dart-analyzer-sarif
Convert `dart analyze` CLI output into SARIF
advanced-security/github-app-auth
Utility to generate tokens to interact with the GitHub API via GitHub App integration
advanced-security/spotbugs-findsecbugs-action
Run SpotBugs with FindSecBugs on Java and other JVM languages (e.g. Scala), and upload the results to GitHub Code Scanning
advanced-security/teams-secret-scanning-notifier-azure-function
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
advanced-security/awesome-secret-scanning
A curated list of awesome GitHub Advanced Security secret scanning resources.
advanced-security/dependabot-kev-action
Action to detect if any open Dependabot alerts are in the CISA Known Exploited Vulnerabilities (KEV) Catalog of CVEs and fail the workflow.
advanced-security/gh-add-files
A GitHub CLI Extension that allows you to add files to your GitHub repositories directly from the command line
advanced-security/remap-sarif
Remap a SARIF file with sourcemaps
advanced-security/adjust-cvss
advanced-security/slack-secret-scanning-notifier-azure-function
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
advanced-security/crypto-bill-of-materials-data
Generate a Crypto Bill of Materials using CodeQL
advanced-security/python-lint-code-scanning-action
Lint and type check Python with your choice of popular linters, and upload results to GitHub Code Scanning
advanced-security/.github
GitHub Advanced Security's Org README
advanced-security/awesome-dependabot
A curated list of awesome Dependabot (and related software supply chain) resources.
advanced-security/flake8-sarif-formatter
Format Flake8 results as SARIF for input to SAST tools such as GitHub Code Scanning
advanced-security/secret-scanning-notifications
A GitHub Action that sends email notifications to the security manager team for any new or resolved secret scanning alerts, based on a set frequency