GitHub has announced that from April 1, GitHub Advanced Security will be available as two standalone security products - GitHub Secret Protection and GitHub Code Security. 

GitHub Advanced Security (GHAS) is GitHub's application security solution. GHAS uses AI and features include remediation, static analysis, secret scanning, and software composition analysis.

In addition to being made available as two products,  GitHub says the new products will be available to its Team plan customers for the first time. 

GitHub Secret Protection is described as having features that help detect and prevent secret leaks, specifically secret scanning, AI-detected passwords, and push protection for secrets. Secret Protection will be available for $19 per month per active committer.

Secret protection offers push protection which aims to prevent secret leaks before they happen. It also has AI detection with a low rate of false positives, and secret scanning alerts with notifications. Secret scanning checks items such as tokens or private keys used for authentication in repositories for known types of secrets. The product also supports custom patterns for secrets, so you can search for sensitive organization-specific information. 

GitHub is also launching a new scanning feature that is designed to help organizations understand their secret leak footprint across their GitHub perimeter. This feature will be free for GitHub Team and Enterprise organizations.

The second product to be announced is GitHub Code Security. GitHub says that new customers will also be able to purchase Code Security, which detects and fixes vulnerabilities in your code before it reaches production. Code Security will be available for $30 per month per active committer. Its features start with Copilot Autofix, which automatically suggests fixes for vulnerabilities in existing code and pull requests. It also has security campaigns, and "Dependabot" features for protection against dependency-based vulnerabilities.

Customers on the GitHub Team plan will be able to purchase Secret Protection and Code Security on a consumption-based, pay-as-you-go model (i.e. metered billing). 

More Information

GitHub Enterprise

Related Articles

GitHub Improves Code Search

GitHub Code Scanning Now Uses Machine Learning

GitHub Enterprise Adds Centralized User Accounts

Visual Studio Integrates GitHub Accounts

GitHub Enterprise 2.14 Adds Unified Search

GitHub Enterprise Adds Team Discussions

GitHub Enterprise Adds Global Webhooks 

GitHub Enterprise 2.1 Released

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Comments

Make a Comment or View Existing Comments Using Disqus

or email your comment to: comments@i-programmer.info