Senior Solution Architect at a manufacturing company with 10,001+ employees
Real User
Top 20
2024-07-01T14:16:40Z
Jul 1, 2024
Maybe make it compatible with more programming languages. Have a customized ruleset where the end-user can create their own rules for scanning. Also, support for container stuff, like when the code is running or built in a container, to offer more flexibility. The tool is pretty new, so maybe they will improve.
The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective. In my company, the actual implementation phase takes time, though the tool is able to give us reports. It is not easy for our company's teams to understand what changes are to be made to the product. If there are some guidelines on how to make the changes in GitHub Advanced Security and how to address the vulnerabilities, then it would be a better tool. In general, the implementation part of the product is an area of concern where improvements are required.
Technical Program Manager at a healthcare company with 10,001+ employees
Real User
Top 5
2023-11-06T09:42:17Z
Nov 6, 2023
The current reporting features are limited and require improvement. Data is consolidated under the security tab, including secret scanning, and code vulnerabilities. This consolidation may lead to confusion, especially with many issues. A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial. Additionally, introducing robust reporting capabilities for tracking issue resolution progress would significantly enhance the platform's usability. Considering the current feature set, I am contemplating the potential inclusion of features, particularly those related to better integration with existing security tools. As a sizable organization, we already utilize specific security tools. While these tools can export data in a compatible format for integration with GitHub, there are challenges, especially with a diverse range of tools operating in the security space.
GitHub Advanced Security secures data by scanning for vulnerabilities in dependencies, secret scanning, and protecting sensitive information. It integrates seamlessly, reducing reliance on multiple tools and optimizing vulnerability detection.GitHub Advanced Security is designed to enhance security awareness by offering comprehensive tools for secret scanning, code analysis, and SCSS dependency checks. AI-driven features deliver accurate security insights while minimizing false positives. It...
Maybe make it compatible with more programming languages. Have a customized ruleset where the end-user can create their own rules for scanning. Also, support for container stuff, like when the code is running or built in a container, to offer more flexibility. The tool is pretty new, so maybe they will improve.
The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective. In my company, the actual implementation phase takes time, though the tool is able to give us reports. It is not easy for our company's teams to understand what changes are to be made to the product. If there are some guidelines on how to make the changes in GitHub Advanced Security and how to address the vulnerabilities, then it would be a better tool. In general, the implementation part of the product is an area of concern where improvements are required.
There could be DST features included in the product.
The current reporting features are limited and require improvement. Data is consolidated under the security tab, including secret scanning, and code vulnerabilities. This consolidation may lead to confusion, especially with many issues. A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial. Additionally, introducing robust reporting capabilities for tracking issue resolution progress would significantly enhance the platform's usability. Considering the current feature set, I am contemplating the potential inclusion of features, particularly those related to better integration with existing security tools. As a sizable organization, we already utilize specific security tools. While these tools can export data in a compatible format for integration with GitHub, there are challenges, especially with a diverse range of tools operating in the security space.
There could be a centralized dashboard to view reports of all the projects on one platform.