Finding GitHub's security documents - some helpful tips!
We get the question from customers, "I can't access GitHub's SOC 2 because I am not a GitHub Enterprise customer, does that mean I need to upgrade my GitHub account?"
Thankfully, No! You have a few options you can reference as part of your Vendor review and documentation for GitHub:
- GitHub's SOC3 (a redacted version of a SOC2)
- GitHub's ISO27001 certificate
- You can find it all here: https://github.com/security
Comments
3 comments
Hi Jonathan Palumbo!
This is a great question - it looks like it can be found in a few places:
From Github: Our newly available ISO/IEC 27001:2013 Certification report can be downloaded now.
Compliance
tab of the enterprise account:https://github.com/enterprises/"your-enterprise"/settings/compliance
.Authentication Security
settings tab of their organization:https://github.com/organizations/"your-org"/settings/security
.If you access the link referenced above from @..., if you scroll down to the bottom of the page, you have the option to view the different certificates. (It's about midway down the page: https://github.com/security.)
Feel free to reach out if you still run into issues!
This is excellent advice, @.... The customer success team is always looking out for our customers! 🔥💜
I don't see the ISO Certificate on that page. Could you point me to where it is exactly?
Please sign in to leave a comment.