Skip to content


Security at GitHub

Millions of teams trust GitHub to keep their work safe. Our team of experts goes beyond industry standards to secure our platform. And builds features that help you do the same.

Meet our Team 

See how we earn your trust 

Security - two people close a secure vault
decorative shapes


Secure code,
from blueprint to execution

Accounts and access

Keep your GitHub account secure—and review important changes along the way.

  • Two-factor Authentication (2FA) (SMS, TOTP)
  • Universal Second Factor (U2F)
  • Delegated Account Recovery
  • Git over Secure Shell (SSH) and HTTPS
  • GPG commit-signing verification
  • Email privacy controls
  • Security audit log

Teams and integrations

Manage teams, projects, and integrations to do your best work securely.

  • Fine-grained access controls
  • SAML
  • LDAP
  • Repository access levels (Read, write, and admin)
  • Base repository permissions
  • OAuth Application Whitelists
  • Security monitoring through organization-wide webhooks
  • Access controls for third-party integrations

Projects and monitoring

Build confidently with exactly the right teams—and monitor security as you go.

  • Required reviews
  • Required status checks
  • Built-in continuous integration (CI) and testing
  • Read only deploy keys
  • Deployments API
  • Monitoring and logging
  • Evidence key controls
Hand unlocking lock