{"payload":{"contentfulRawJsonResponse":{"sys":{"type":"Array"},"total":1,"skip":0,"limit":100,"items":[{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"4nVXAINssrYElYYoVDE8aO","type":"Entry","createdAt":"2024-03-08T12:54:34.039Z","updatedAt":"2024-03-08T12:54:34.039Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"containerPage"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security","path":"/enterprise/advanced-security","template":{"sys":{"type":"Link","linkType":"Entry","id":"2ZqzA3nPiZug41PKD4zkDy"}}}}],"includes":{"Entry":[{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"10EGshs8Mea4G1RpgfCoDf","type":"Entry","createdAt":"2024-03-08T12:56:46.921Z","updatedAt":"2024-03-08T12:56:46.921Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaq"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation","heading":"Evaluation","blocks":[{"sys":{"type":"Link","linkType":"Entry","id":"4PHQnRxVZYZgZiLW1WWKDN"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"11yEACoXv4hy24wZqwlIAg","type":"Entry","createdAt":"2024-03-08T12:54:07.552Z","updatedAt":"2024-03-08T12:54:20.838Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaq"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General","heading":"General","blocks":[{"sys":{"type":"Link","linkType":"Entry","id":"3Btp4MlKIzdBxz0QNjO2sF"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1ftpugGEC4pPPttbuQHAXg","type":"Entry","createdAt":"2024-03-08T12:56:36.241Z","updatedAt":"2024-03-12T07:10:23.475Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":3,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation Question 1","question":"Which GitHub plans are compatible with GitHub Advanced Security?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"GitHub Advanced Security can be added to GitHub Enterprise Cloud (GHEC) and GitHub Enterprise Server (GHES) plans. If you have a free or Team account, you will need to upgrade to a GitHub Enterprise plan before you can add GitHub Advanced Security. You can also request a free trial of both GitHub Enterprise and GitHub Advanced Security; ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"http://github.com/enterprise/contact"},"content":[{"nodeType":"text","value":"contact sales","marks":[],"data":{}}]},{"nodeType":"text","value":" to learn more.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"1lmogvykrK2PZ8HlgTVMdz","type":"Entry","createdAt":"2024-03-12T07:00:03.332Z","updatedAt":"2024-03-12T07:00:03.332Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Resources Question 1","question":"What security features are free to use for public repositories?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"As part of our mission to support the open source community and keep open source software safe and reliable for all, GitHub provides ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security#about-advanced-security-features"},"content":[{"nodeType":"text","value":"security features","marks":[],"data":{}}]},{"nodeType":"text","value":" like code scanning, secret scanning, and supply chain security tools at no charge for use with public repositories.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2NRCH2Yweb0AbWyL3x3UKP","type":"Entry","createdAt":"2024-03-12T06:32:17.823Z","updatedAt":"2024-03-12T06:33:59.853Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General Question 5","question":"Where can I find information about the security of the GitHub platform?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"The GitHub platform itself features multiple layers of ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/security"},"content":[{"nodeType":"text","value":"security","marks":[],"data":{}}]},{"nodeType":"text","value":" to keep developers and their code safe in transit and at rest.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2Qhm0nzITYQdS0IY7A3TdU","type":"Entry","createdAt":"2024-03-12T06:37:49.120Z","updatedAt":"2024-03-12T07:12:34.787Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation Question 3","question":"Can I get a demo or a free trial of GitHub Advanced Security?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Yes. Please ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"http://github.com/enterprise/contact"},"content":[{"nodeType":"text","value":"contact sales","marks":[],"data":{}}]},{"nodeType":"text","value":" to request a free trial.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2T6jpQQyZylNq6lDCdMFxh","type":"Entry","createdAt":"2024-03-12T06:50:34.823Z","updatedAt":"2024-03-12T06:50:34.823Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ AI Question 3","question":"Do I need GitHub Copilot to use AI-powered features in GitHub Advanced Security?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"No, a GitHub ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning"},"content":[{"nodeType":"text","value":"Copilot","marks":[],"data":{}}]},{"nodeType":"text","value":" license is not required to get AI-powered features like autofix code suggestions in GitHub Advanced Security.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2ZBEXWNRjfG6LlA2C1M8Ok","type":"Entry","createdAt":"2024-03-12T06:39:52.620Z","updatedAt":"2024-03-12T07:13:59.403Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation Question 5","question":"Where can I find case studies and reference customers?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Read our ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/customer-stories"},"content":[{"nodeType":"text","value":"customer stories","marks":[],"data":{}}]},{"nodeType":"text","value":" to learn how customers like ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/customer-stories/telus"},"content":[{"nodeType":"text","value":"Telus","marks":[],"data":{}}]},{"nodeType":"text","value":", ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/customer-stories/mercado-libre"},"content":[{"nodeType":"text","value":"Mercado Libre","marks":[],"data":{}}]},{"nodeType":"text","value":", and ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/customer-stories/kpmg"},"content":[{"nodeType":"text","value":"KPMG","marks":[],"data":{}}]},{"nodeType":"text","value":" use GitHub Advanced Security to secure applications and accelerate the software development lifecycle.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2ZqzA3nPiZug41PKD4zkDy","type":"Entry","createdAt":"2024-03-08T12:54:30.839Z","updatedAt":"2024-03-08T12:54:30.839Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"templateFreeForm"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: Template","sections":[{"sys":{"type":"Link","linkType":"Entry","id":"6rbJlaFzGwUR9qOem5nmL7"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2ebMLZpxfSEbDYcBMlbSFc","type":"Entry","createdAt":"2024-03-12T06:51:40.950Z","updatedAt":"2024-03-12T06:51:40.950Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqBlock"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ AI Block","questions":[{"sys":{"type":"Link","linkType":"Entry","id":"sX5mMhnPaq8ecEHwsNkdZ"}},{"sys":{"type":"Link","linkType":"Entry","id":"LL8qnDS4WTf2dNAiBFbtR"}},{"sys":{"type":"Link","linkType":"Entry","id":"2T6jpQQyZylNq6lDCdMFxh"}},{"sys":{"type":"Link","linkType":"Entry","id":"5YzPWqJFBa6XY8cbz4z2NS"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2lWhFxz965LLFlBgUkxEZG","type":"Entry","createdAt":"2024-03-12T07:01:22.144Z","updatedAt":"2024-03-12T07:01:22.144Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Resources Question 2","question":"What is the GitHub Security Lab?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"The ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://securitylab.github.com/"},"content":[{"nodeType":"text","value":"GitHub Security Lab","marks":[],"data":{}}]},{"nodeType":"text","value":" is a team of security experts who cultivate a collaborative community where developers and security professionals come together to help secure open source software. Our mission: make open source software secure and reliable for the benefit of developers everywhere through collaboration and contributions from maintainers, developers, and security researchers around the world.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"2vEn6nya3G4yiphS9s6rgq","type":"Entry","createdAt":"2024-03-12T06:31:08.023Z","updatedAt":"2024-03-12T06:31:08.023Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General Question 4","question":"What is AppSec?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Application security (AppSec) is the process of finding, fixing, and preventing security vulnerabilities in applications. GitHub Advanced Security provides AppSec tools for static application security testing (SAST), which identifies vulnerabilities in the code itself. Unlike dynamic application security testing (DAST), which probes live applications for vulnerabilities, GitHub Advanced Security helps keep vulnerabilities out of production.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"39dkNyzLN9YF95qGZ2nAmP","type":"Entry","createdAt":"2024-03-12T07:04:30.701Z","updatedAt":"2024-03-12T07:04:30.701Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaq"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Resources","heading":"More Security Resources","blocks":[{"sys":{"type":"Link","linkType":"Entry","id":"5oIXAy9CiGkZN2Vq4Q8XEP"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3Btp4MlKIzdBxz0QNjO2sF","type":"Entry","createdAt":"2024-03-08T12:53:52.034Z","updatedAt":"2024-03-12T06:32:34.386Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqBlock"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General Block","questions":[{"sys":{"type":"Link","linkType":"Entry","id":"3j1Dr1M2q0CHQp6iDUMpJS"}},{"sys":{"type":"Link","linkType":"Entry","id":"Gfv8yLBqxvvh3rHVCLqGP"}},{"sys":{"type":"Link","linkType":"Entry","id":"4V4cD45VXlDlfaSSh9g5HB"}},{"sys":{"type":"Link","linkType":"Entry","id":"2vEn6nya3G4yiphS9s6rgq"}},{"sys":{"type":"Link","linkType":"Entry","id":"2NRCH2Yweb0AbWyL3x3UKP"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3YeEWqqBjgRQZm6h00ITpK","type":"Entry","createdAt":"2024-03-12T06:52:35.733Z","updatedAt":"2024-03-12T06:52:35.733Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaq"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ AI","heading":"AI","blocks":[{"sys":{"type":"Link","linkType":"Entry","id":"2ebMLZpxfSEbDYcBMlbSFc"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3eYxV8QQNFYstYsYHZO02n","type":"Entry","createdAt":"2024-03-12T06:56:09.363Z","updatedAt":"2024-03-12T06:56:09.363Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Deployment Question 2","question":"Does GitHub offer consulting, training, and other deployment services?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Yes! Please visit ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning"},"content":[{"nodeType":"text","value":"Expert Services","marks":[],"data":{}}]},{"nodeType":"text","value":" to learn more.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3ec8xhOzWLIwx4sa4IRCWD","type":"Entry","createdAt":"2024-03-12T07:03:58.990Z","updatedAt":"2024-03-12T07:03:58.990Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Resources Question 4","question":"How can I manage and secure open source dependencies?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"GitHub provides extensive ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security"},"content":[{"nodeType":"text","value":"supply chain security","marks":[],"data":{}}]},{"nodeType":"text","value":" tools and resources to help developers and maintainers keep open source software up-to-date and secure, including Dependabot. If you’re new to software supply chain security, the ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide"},"content":[{"nodeType":"text","value":"Dependabot quickstart guide","marks":[],"data":{}}]},{"nodeType":"text","value":" is a great place to begin.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3j1Dr1M2q0CHQp6iDUMpJS","type":"Entry","createdAt":"2024-03-08T12:53:40.169Z","updatedAt":"2024-03-08T12:53:40.169Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General Question 1","question":"What is GitHub Advanced Security?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"GitHub Advanced Security is the native Static Application Security Testing (SAST) solution for GitHub Enterprise and Azure DevOps. Designed to accelerate the delivery of secure software, GitHub Advanced Security adds cutting-edge tools for static analysis, software composition analysis, and secret scanning to the GitHub platform that developers already know and love. Unlike traditional application security packages that burden the software development toolchain with complex workflows that inhibit adoption, GitHub Advanced Security makes it easy for developers to find and fix vulnerabilities earlier in the software development life cycle. By adding GitHub Advanced Security to the GitHub platform, security leaders can address compliance requirements while empowering development teams to solve customer problems, surpass competitors, and reduce the time-to-value for software development projects.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3pOJm5q6B1U6tlSGa2a4aR","type":"Entry","createdAt":"2024-03-12T07:02:21.157Z","updatedAt":"2024-03-12T07:02:21.157Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Resources Question 3","question":"What is the Advisory Database, and how is it different from a CVE?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Common Vulnerabilities and Exposures (CVE) is a database of publicly disclosed information about security issues, with a unique number to identify each vulnerability. But while CVEs document vulnerabilities, they don’t tell the whole story. Unlike a CVE, entries in the ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.com/advisories"},"content":[{"nodeType":"text","value":"GitHub Advisory Database","marks":[],"data":{}}]},{"nodeType":"text","value":" contain additional context and remediation guidance – sourced from a global community of security experts and curated by the GitHub Security Lab – to help developers and security teams understand vulnerabilities, assess risk, and fix with confidence.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"3qI5BnEexR9CuWknO7mOYH","type":"Entry","createdAt":"2024-03-12T06:38:31.478Z","updatedAt":"2024-03-12T07:13:23.729Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation Question 4","question":"Where can I find a video overview of GitHub Advanced Security?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"This ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://youtu.be/pAQAdKk_WBs?si=gFsfgd86PcPlmO4w"},"content":[{"nodeType":"text","value":"video","marks":[],"data":{}}]},{"nodeType":"text","value":" provides an overview of GitHub Advanced Security, plus demos of key features like code scanning, AI-powered autofix code suggestions, software supply chain management, and secret scanning.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"4PHQnRxVZYZgZiLW1WWKDN","type":"Entry","createdAt":"2024-03-08T12:56:42.922Z","updatedAt":"2024-03-12T06:42:24.227Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqBlock"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation Block","questions":[{"sys":{"type":"Link","linkType":"Entry","id":"1ftpugGEC4pPPttbuQHAXg"}},{"sys":{"type":"Link","linkType":"Entry","id":"5vNGYJGacC7VV13QNWOLx"}},{"sys":{"type":"Link","linkType":"Entry","id":"2Qhm0nzITYQdS0IY7A3TdU"}},{"sys":{"type":"Link","linkType":"Entry","id":"3qI5BnEexR9CuWknO7mOYH"}},{"sys":{"type":"Link","linkType":"Entry","id":"2ZBEXWNRjfG6LlA2C1M8Ok"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"4V4cD45VXlDlfaSSh9g5HB","type":"Entry","createdAt":"2024-03-12T06:29:25.169Z","updatedAt":"2024-03-12T06:29:25.169Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General Question 3","question":"What is DevSecOps?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"DevSecOps refers to a combination of the development, security, and operations tools necessary to develop software applications.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"5YzPWqJFBa6XY8cbz4z2NS","type":"Entry","createdAt":"2024-03-12T06:51:30.102Z","updatedAt":"2024-03-12T06:51:30.102Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ AI Question 4","question":"Where can I learn more about code scanning autofix?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Learn more about how GitHub Advanced Security generates and tests autofix code suggestions on ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning#quality-of-autofix-suggestions"},"content":[{"nodeType":"text","value":"GitHub Docs","marks":[],"data":{}}]},{"nodeType":"text","value":".","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"5oIXAy9CiGkZN2Vq4Q8XEP","type":"Entry","createdAt":"2024-03-12T07:04:10.561Z","updatedAt":"2024-03-12T07:04:10.561Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqBlock"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Resources Block","questions":[{"sys":{"type":"Link","linkType":"Entry","id":"1lmogvykrK2PZ8HlgTVMdz"}},{"sys":{"type":"Link","linkType":"Entry","id":"2lWhFxz965LLFlBgUkxEZG"}},{"sys":{"type":"Link","linkType":"Entry","id":"3pOJm5q6B1U6tlSGa2a4aR"}},{"sys":{"type":"Link","linkType":"Entry","id":"3ec8xhOzWLIwx4sa4IRCWD"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"5vNGYJGacC7VV13QNWOLx","type":"Entry","createdAt":"2024-03-12T06:37:04.044Z","updatedAt":"2024-03-12T07:11:52.021Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Evaluation Question 2","question":"Can I use GitHub Advanced Security with Microsoft Azure DevOps?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Yes. GitHub Advanced Security is available as an ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://azure.microsoft.com/en-us/products/devops/github-advanced-security"},"content":[{"nodeType":"text","value":"add-on","marks":[],"data":{}}]},{"nodeType":"text","value":" for Azure DevOps.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6NfFRTS9aDOz9FxsOzzyfA","type":"Entry","createdAt":"2024-03-08T12:54:13.615Z","updatedAt":"2024-03-12T07:07:39.463Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":3,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqGroup"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Group","heading":"Frequently Asked Questions","faqs":[{"sys":{"type":"Link","linkType":"Entry","id":"11yEACoXv4hy24wZqwlIAg"}},{"sys":{"type":"Link","linkType":"Entry","id":"10EGshs8Mea4G1RpgfCoDf"}},{"sys":{"type":"Link","linkType":"Entry","id":"3YeEWqqBjgRQZm6h00ITpK"}},{"sys":{"type":"Link","linkType":"Entry","id":"7AZeLtcZnizVZoS2hqeSBn"}},{"sys":{"type":"Link","linkType":"Entry","id":"39dkNyzLN9YF95qGZ2nAmP"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"6rbJlaFzGwUR9qOem5nmL7","type":"Entry","createdAt":"2024-03-08T12:54:27.252Z","updatedAt":"2024-03-08T12:54:27.252Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"templateFreeFormSection"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Section","components":[{"sys":{"type":"Link","linkType":"Entry","id":"6NfFRTS9aDOz9FxsOzzyfA"}}],"colorMode":"inherit"}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"7AZeLtcZnizVZoS2hqeSBn","type":"Entry","createdAt":"2024-03-12T06:56:38.219Z","updatedAt":"2024-03-12T06:56:38.219Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaq"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Deployment","heading":"Deployment","blocks":[{"sys":{"type":"Link","linkType":"Entry","id":"7FHMSMrnreMNMcGaCEHHWz"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"7FHMSMrnreMNMcGaCEHHWz","type":"Entry","createdAt":"2024-03-12T06:56:22.598Z","updatedAt":"2024-03-12T06:56:22.598Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqBlock"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Deployment Block","questions":[{"sys":{"type":"Link","linkType":"Entry","id":"7v324a1fK2rDjd3v6jzRoS"}},{"sys":{"type":"Link","linkType":"Entry","id":"3eYxV8QQNFYstYsYHZO02n"}}]}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"7v324a1fK2rDjd3v6jzRoS","type":"Entry","createdAt":"2024-03-12T06:55:07.511Z","updatedAt":"2024-03-12T06:55:07.511Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ Deployment Question 1","question":"Can I review documentation before purchase?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Yes. As with all GitHub products, ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security"},"content":[{"nodeType":"text","value":"documentation","marks":[],"data":{}}]},{"nodeType":"text","value":" for GitHub Advanced Security is publicly available.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"Gfv8yLBqxvvh3rHVCLqGP","type":"Entry","createdAt":"2024-03-12T06:28:21.365Z","updatedAt":"2024-03-12T06:28:21.365Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ General Question 2","question":"Why choose GitHub Advanced Security instead of a third-party AppSec product?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"Unlike third-party security add-ons, GitHub Advanced Security operates entirely in the native GitHub workflows that developers already know and love. By making it easier for developers to remediate vulnerabilities as they go, GitHub Advanced Security frees time for security teams to focus on critical strategies that protect businesses, customers, and communities from application-based vulnerabilities.","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"LL8qnDS4WTf2dNAiBFbtR","type":"Entry","createdAt":"2024-03-12T06:48:29.633Z","updatedAt":"2024-03-12T06:48:29.633Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ AI Question 2","question":"How does autofix work?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"GitHub ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning#about-code-scanning"},"content":[{"nodeType":"text","value":"code scanning","marks":[],"data":{}}]},{"nodeType":"text","value":" analyzes the code in a repository to find security vulnerabilities and other errors. Scans can be triggered on a schedule or upon specified events, such as pushing to a branch or opening a pull request. When a problem is identified, an alert is presented to the user. Code scanning can be used with first- or third-party alerting tools, including open source and private tools. GitHub Advanced Security provides a first-party alerting tool powered by ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://codeql.github.com/"},"content":[{"nodeType":"text","value":"CodeQL","marks":[],"data":{}}]},{"nodeType":"text","value":", our semantic code analysis engine, which allows querying of a codebase as though it were data. Our in-house security experts have developed a rich set of queries to detect security vulnerabilities across a host of popular languages and frameworks. Building on top of this detection capability, code scanning autofix takes security a step further by suggesting AI-generated fixes for alerts. In its first iteration, autofix is enabled for CodeQL alerts detected in a pull request, beginning with JavaScript, TypeScript, and Python alerts. It explains the problem and its fix strategy in natural language, displays the suggested fix directly in the pull request page, and allows the developer to commit, dismiss, or edit the suggestion. ","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://github.blog/2024-02-14-fixing-security-vulnerabilities-with-ai/"},"content":[{"nodeType":"text","value":"Learn more","marks":[],"data":{}}]},{"nodeType":"text","value":".","marks":[],"data":{}}]}]}}},{"metadata":{"tags":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"8aevphvgewt8"}},"id":"sX5mMhnPaq8ecEHwsNkdZ","type":"Entry","createdAt":"2024-03-12T06:45:32.337Z","updatedAt":"2024-03-12T06:45:32.337Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"primerComponentFaqQuestion"}},"locale":"en-US"},"fields":{"title":"/enterprise/advanced-security: FAQ AI Question 1","question":"What are the AI-powered features in GHAS?","answer":{"nodeType":"document","data":{},"content":[{"nodeType":"paragraph","data":{},"content":[{"nodeType":"text","value":"GitHub Advanced Security leverages the GitHub Copilot to provide code suggestions to remediate vulnerabilities (","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning"},"content":[{"nodeType":"text","value":"autofix","marks":[],"data":{}}]},{"nodeType":"text","value":") and to deliver new secret scanning capabilities such as a","marks":[],"data":{}},{"nodeType":"hyperlink","data":{"uri":"https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/about-the-regular-expression-generator-for-custom-patterns"},"content":[{"nodeType":"text","value":" regular expression generator","marks":[],"data":{}}]},{"nodeType":"text","value":" for custom patterns.","marks":[],"data":{}}]}]}}}]}},"requestDemoPath":"https://resources.github.com/demo/advanced-security/","heroContactSalesPath":"/enterprise/contact?ref_cta=Contact+sales&ref_loc=hero&ref_page=%2Fenterprise%2Fadvanced-security&scid=&utm_campaign=adv-security&utm_content=Security&utm_medium=site&utm_source=github","navContactSalesPath":"/enterprise/contact?ref_cta=Contact+sales&ref_loc=navigation&ref_page=%2Fenterprise%2Fadvanced-security&scid=&utm_campaign=adv-security&utm_content=Security&utm_medium=site&utm_source=github","pricingContactSalesPath":"/enterprise/contact?ref_cta=Contact+sales&ref_loc=pricing&ref_page=%2Fenterprise%2Fadvanced-security&scid=&utm_campaign=adv-security&utm_content=Security&utm_medium=site&utm_source=github"},"title":"GitHub · Enterprise Application Security · GitHub"}