Securing Open Source Workflows

Discover how GitHub Security Lab provides open source workflows and tooling with the largest community database advisory we all depend on. Walk through strategies with our security researchers and how they make their work actionable for developers.

Expand your understanding of:

• Open source ecosystem: how security research powers health
• What are Security Advisories: How GitHub publishes and engages with the National Vulnerability Database to bolster Open Source Security
• Workflows for the ecosystem: How to leverage GitHub’s Security Advisory workflow to help maintainers and downstream consumers of their projects
• Demo:
  • Navigating advisory reports with CodeQL
  • SCA: workflows with Dependabot in your PR

What to expect:

We encourage you to enable your camera, participate in the conversation over chat, and connect with your peers.

Register now! 💪