GitHub announced it is making some changes to GitHub Advanced Security (GHAS), its AI-powered solution for application security that offers remediation, static analysis, secret scanning, and software composition analysis.
Beginning April 1, GHAS will be split into two products that will be available as standalone options.
GitHub Secret Protection prevents secret leaks by scanning secrets and utilizing AI-powered detection.
GitHub Code Security identifies and remediates vulnerabilities in code via code scanning, Copilot Autofix, security campaigns, and Dependency Review Action.
GitHub Secret Protection will be available for $19/month/active committer and GitHub Code Security will be available for $30/month/active committer.
Currently, GitHub Advanced Security is only available to purchase as an add-on for GitHub Enterprise customers, which is the company’s highest tier plan that starts at $21/month/user. With these changes, any GitHub Team subscriber (starting at $4/month/user) will be able to purchase these products.
“With the introduction of Secret Protection and Code Security as separate products with a flexible pricing model, GitHub is broadening access to security tools designed for enterprise use in complex, large-scale development environments. With this change, organizations of all sizes have expanded choice in implementing protections against leaked secrets and vulnerable code, two prevalent risks in application security today,” said Katie Norton, research manager of DevSecOps and software supply chain security at IDC.
