Summary: GitHub has launched security campaigns, aimed at enhancing collaboration between developers and security teams to effectively resolve application vulnerabilities. This feature, now generally available for GitHub Advanced Security and Code Security customers, significantly improved the resolution of security debt during its preview phase. By streamlining the remediation process, security campaigns help organizations reduce unresolved vulnerabilities and foster better teamwork among their technical staff.
Affected: GitHub Advanced Security and GitHub Code Security customers
Keypoints :
- Security campaigns lead to a 55% fix rate for prioritized vulnerabilities compared to just 10% without their implementation.
- The process includes prioritizing vulnerabilities, notifying developers, and integrating tasks into their workflow.
- Copilot Autofix assists by suggesting automatic remediation for alerts within campaigns, enhancing developer efficiency.
- The campaigns are managed by appointed personnel to ensure progress and foster collaboration between developers and security teams.
Source: https://www.securityweek.com/github-announces-general-availability-of-security-campaigns/