GitHub Launches Free Secret Risk Assessment Tool

By

The tool shows secret exposure across your organization.

GitHub has launched a free secret risk assessment tool, as part of recent changes to its Advanced Security offerings.

The free tool, which is now available in the Security tab, “gives admins and developers a clear view of where secrets are exposed across their organization” and offers actionable steps to better secure their environments.

The company has also unbundled GitHub Advanced Security to make the following tools available as standalone products:

  • GitHub Secret Protection: Detects and prevents secret leaks before they happen using push protection, secret scanning, AI-powered detection with low false-positive rate, security insights, and more. Available at $19/month per active committer.
  • GitHub Code Security: Helps identify and remediate vulnerabilities faster with code scanning, Copilot Autofix, security campaigns, Dependency Review Action, and more. Available at $30/month per active committer.

GitHub Team customers can purchase these products without a GitHub Enterprise subscription.

Learn more at GitHub.
 
 

 
 
 

04/08/2025
Security , tools

Related content

  • News for Admins
    In the news: US Agencies Issue Quantum-Readiness Recommendations; Bitwarden Secrets Manager; IBM X-Force Releases Detection and Response Framework for Managed File Transfers; National Strategy to Expand US Cyber Workforce; SEC Adopts New Rules for Disclosure of Cybersecurity Incidents; Canonical Announces Real-Time Ubuntu for Intel Core; EU-US Data Privacy Framework Ensures Safe Data Transfers; IEEE Releases New Standard for LiFi Communications; EU Health Sector Security Risks; and JupyterLab 4.0.
    more »
  • Lead Image © Sergey Nivens, 123RF.com
    Efficient password management in distributed teams
    Team members often need certain information to authenticate against servers. You don't want to save this secret data in plain text, but you don't want to retype it every time, either. How can you share these secrets?
    more »
  • NIST Releases Open Source Tool for Assessing Risk of AI Models
    more »
  • Credential management with HashiCorp Vault
    Admin teams can use secret sharing to centrally manage shared access to user accounts and services. HashiCorp Vault is one of the few tools that has proven effective when it comes to implementing this solution. Here's how to use this open source tool and keep important credentials safe.
    more »
  • Lead Image © Sebastian Duda, 123RF.com
    Build and host Docker images
    When facing the challenge of packaging your application in a container, take into account your needs in terms of handling and security and investigate sensible options for hosting your own registry.
    more »
comments powered by Disqus