GitHub has invested heavily in the area of security and, as the world's largest open source platform, also has the ideal basis for analyzing and notifying dependencies and vulnerabilities of widely used libraries. In public repositories as well as in private repositories in GitHub Enterprise Cloud and GitHub Enterprise Server, a variety of security features are available under the GitHub Advanced Security license.

This presentation will show how the Code Scanning, Secret Scanning and Dependency Review features work. GitHub Actions and Pull Requests round out the toolbox for a successful DevSecOps process.