Skip to content

GitHub Advanced Security (GHAS)

We're excited to announce that we will be transitioning to GitHub Advanced Security in October.

We have been collecting your questions and answering them in the FAQ.

TL;DR

🗓️ GHAS will be available for all Equinor developers on the 1st of October.

🤷 We will lose access to Snyk on the 1st of November.

🌎 We recommend enabling GHAS features in your public repositories.

🗣️ Let us know in the #appsec channel if you have any questions

What this means for you?

Unified Platform: Code and code security will now be managed under the same platform, eliminating the need for a separate dashboard.

Current Usage: We will continue using Snyk until our licenses expire, so please keep utilizing the platform during this transition.

Overlap Period: In October, we’ll have a month where both Snyk and GHAS will be in use to ensure a smooth transition.

Container Scanning: Please note that GHAS does not currently offer container scanning solutions, we have explored other alternatives like Trivy so please reach out if you have any questions.

GHAS Features: We encourage you to enable GHAS features like secret scanning, Dependabot, and CodeQL in your public repositories. These features are free for open-source projects, so take advantage of them!