Finding GitHub's security documents - some helpful tips!
We get the question from customers, "I can't access GitHub's SOC 2 because I am not a GitHub Enterprise customer, does that mean I need to upgrade my GitHub account?"
Thankfully, No! You have a few options you can reference as part of your Vendor review and documentation for GitHub:
- GitHub's SOC3 (a redacted version of a SOC2)
- GitHub's ISO27001 certificate
- You can find it all here: https://github.com/security
Comments
3 comments
Hi Jonathan Palumbo!
This is a great question - it looks like it can be found in a few places:
From Github: Our newly available ISO/IEC 27001:2013 Certification report can be downloaded now.
Compliance
tab of the enterprise account:https://github.com/enterprises/"your-enterprise"/settings/compliance
.Authentication Security
settings tab of their organization:https://github.com/organizations/"your-org"/settings/security
.If you access the link referenced above from Emmett Jones, if you scroll down to the bottom of the page, you have the option to view the different certificates. (It's about midway down the page: https://github.com/security.)
Feel free to reach out if you still run into issues!
This is excellent advice, Emmett Jones. The customer success team is always looking out for our customers! 🔥💜
I don't see the ISO Certificate on that page. Could you point me to where it is exactly?
Please sign in to leave a comment.