Advanced Security, available for both GitHub Enterprise Cloud and Enterprise Server customers, introduces a range of features dedicated to enhancing code quality. GitHub has continually expanded Advanced Security over the past year, incorporating numerous capabilities. Now, the platform is integrating AI to revolutionize the way developers establish security measures in their applications right from the start.
Among the new features is an ‘autofix’ capability, where AI-generated fixes are provided for CodeQL, JavaScript, and TypeScript alerts in developers’ pull requests. This allows developers to promptly address issues with precise, actionable suggestions, preventing new vulnerabilities from entering codebases.
GitHub is also utilizing state-of-the-art Language Model Machines (LLMs) to minimize false positives in secret scanning, currently in limited public beta. The secret scanning program, with 180 partners and over 225 patterns for scanning, now incorporates AI to simplify the creation of custom patterns, enabling code maintainers to detect organization-specific secrets effortlessly.
The security overview dashboard has been updated to offer security managers and administrators a comprehensive analysis of security alerts, providing insights into risks, remediation, and prevention.
GitHub released a new version of its Octoverse report, indicating a rising trend in developers building open source generative AI projects. These projects have made it into the top 10 most popular open source projects by contributor count in 2023. The number of generative AI projects on GitHub more than doubled in the first half of 2023 compared to the entire 2022. Developers have transitioned from research to using pre-trained models and APIs to create applications powered by generative AI.
The report notes that almost all developers (92%) are using or experimenting with AI coding tools, and GitHub expects open source developers to lead the next wave of AI innovation. The top 20 open source generative AI projects on GitHub are currently owned by individuals, but as more developers become accustomed to pre-trained AI models, organizations are expected to join in.
GitHub has observed a 148% year-over-year growth in contributions to generative AI projects, with the US, India, and Japan leading the trend. As developers become more familiar with building generative AI-powered applications, a growing talent pool is expected to support businesses seeking to develop their own AI-powered products and services.
Furthermore, GitHub has announced the adoption of LLMs for GitHub Copilot, the AI developer tool with over one million paid users. In December, users will gain access to Copilot Chat, leveraging LLMs to assist developers in identifying errors and debugging code. This offering will be generally available as part of the existing GitHub Copilot subscription and will be provided at no cost to verified teachers, students, and maintainers of popular open source projects.
CyberSec84 | Cybersecurity news. 
Leave a comment