GitHub Partner Portal

GitHub Universe 2022 Recap + 2 Partner GTM Opportunities

2022-12-01T05:00:46+00:00

So what’s new?

Thank you for joining us at GitHub Partner Connect! We had 100+ partners to hear directly from our CEO, CRO, & VP of Strategy (Product) about our 2023 Vision, Product Roadmap, and how partners play a key part in our vision!

Thank you to our partners that spoke at GitHub Universe: Amazon, Google, HashiCorp, LinkedIn, & Pulumi and to our sponsors Arm, Docker, Sentry, Octopus Deploy, Microsoft, and readme.

“Partner Ship” Speaker Series

Didn’t get a chance to present at Universe? Submit a talk for our new “Partner Ship” Webinar Speaker Series where we’ll be going over the latest partner ships and integrations with the GitHub platform. These speaker series will go on for 3 months with different themes and will be 30 min in length; more details below. Please fill out this form to submit your speaker presentation.

Program Details

Webinar Format

30 minute live demo of your team presenting a recent “Partner Ship” of a GitHub integration including a live demo and what it means for our mutual customers.

Speaker Submissions Due:

February - Application Due: 12/16
March - Application Due : 1/13
April - Application Due: 2/10

Speakers Announced:

February - 1/6
March - 2/3
April - 3/3

Track Schedule

February - Action
March - Security
April - AI

Tech-Sales Pilot Program Submissions

The GitHub Tech-Sales Pilot Program is an opportunity for partners to receive revenue for referrals that lead to GitHub sales. This is a pilot program as we look to scale out the program more broadly, so we are taking submissions from partners on integrated solutions with GitHub that we could prioritize. We plan to take submissions and reach out to partners by January 18, 2023, on the next steps with more details. You can submit your ideas here.

Updates

Secret Scanning Partner Updates

New partner agreement coming soon

As GitHub matures its secret scanning program, we want to help our mutual users remediate secrets leaked in their repositories. We are now preparing updates to our process so that we can send you leaked tokens and, in return, retrieve information to help our users. To support this change, we will soon reach out with a new legal agreement addendum for all secret scanning partners to sign. As we continue our improvements, we are also looking to update partner endpoints to accommodate the new metadata checks. If you want to be first in line to get this work done for your organization, please reach out to us at secret-scanning@github.com. with your new endpoint. We would also like to share a sneak peek at what this new experience could look like!

In the first half of FY23, we have onboarded over 20 new patterns for new and prior Technology and Secret Scanning Partners. We published changelogs for the following partners celebrating them as part of our program: Chief Tools, DevCycle, Prefect, ReadMe, UNIwise, Zuplo, Sendinblue

As a reminder, we would love to have all of our Technology Partners also part of our Secret Scanning program. Here is some documentation explaining a high level overview of the technical process. The goal of our program is to secure the internet from any/all leaked tokens in public and private repositories. This blog post will help if you are interested in updating your token patterns to be more specific and secure. Join our free secret scanning program now! Email us at: partnerships@github.com

Get your Actions in the Marketplace verified

If you created a GitHub Action in the GitHub Marketplace, we urge you to get your Actions verified to establish a higher ranking, build trust with our community, and especially because Enterprises can limit Actions created by Verified Creators. To learn more, go to https://partner.github.com/verification

You know where to reach us

As always, feel free to reach out to us for questions at partnerships@github.com or support.github.com

Happy coding!

Why should Partners that create GitHub Actions get verified?

2022-11-07T00:00:00+00:00

Actions with the Verified Creator badge, indicate that GitHub has verified the creator of the action as a partner organization. All partners in the Technology Partnerships Program are eligible for the Verified Creator badge since it’s one of our many program benefits. We recommend that our partners who create actions request the verified creator badge by emailing us at partnerships@github.com because the badge provides several benefits that are outlined below.

Enterprises can limit to only actions created by Verified Creators: Admins have the ability to only allow GitHub Marketplace actions created by Verified Creators to be used by workflows. This is useful for Admins who want to ensure that only trusted Actions from the GitHub Marketplace are being used in their organizations.

Verified Publishers Rank Higher in search: The GitHub Marketplace is a great place for users to find Actions to use within their projects. Actions created by Verified Creators rank higher in search within the GitHub marketplace, which leads to higher visibility of those Actions.

Verified Creator badge builds trust with our community: Actions with the Verified Creator badge, indicate that GitHub has verified the creator of the action as a partner organization. This gives customers trust that the partner organization is a Technology Partner and has verified their domain, email and has a support contact with GitHub.

GitHub Advanced Security for Azure DevOps

2022-10-12T16:00:00+00:00

We are excited to announce that GitHub Advanced Security will be coming to Azure DevOps.

GitHub Advanced Security provides a native application security solution within the developer workflow, enabling organizations to manage open-source dependencies, custom code, and secrets across the software lifecycle. Automated security checks are run with every push and every pull request. Identified security issues are shared with developers immediately, with context, in their familiar workflow to empower them to fix vulnerabilities in minutes, not months

GitHub Advanced Security for Azure DevOps brings the same secret scanning, dependency scanning and CodeQL code scanning solutions already available for GitHub users and natively integrates them into Azure DevOps to protect your Azure Repos and Pipelines.

This is an opportunity for GitHub Technology Partners to extend their solutions to Azure DevOps. This announcement is the first step. In the next few weeks and months, the Technology Partnership and Engineering team will communicate with partners about their current or future integrations with Secret Scanning, Dependency Review, Code Scanning and Alerts experience.

We hope to be able to provide a meaningful set of features in the Private Preview that will highlight the partnership capabilities of GitHub Advanced Security on Azure DevOps.

You can read about the announcement in the Azure DevOps Blog and can sign up for the Private Preview.

For partners that would like to hear more about the latest news in the GitHub Technology Partner Program join us at GitHub Universe and Partner Connect.

GitHub Actions and Deploy Now are a match made in heaven!

2022-07-29T00:00:00+00:00

Deploy Now uses a combination of GitHub Actions and GitHub Apps to build, stage and deploy static sites, single-page applications and PHP apps.

@github Actions and Deploy Now are a match made in heaven!

Learn how the tool created by developers for developers is bringing together modern Git workflows and IONOS infrastructure.

➡️ https://t.co/j6yuAOgy8x pic.twitter.com/bFn2sq9wJW
— IONOS (@ionos_com) July 26, 2022

Monitor deployments and upload JavaScript source maps

2022-07-26T00:00:00+00:00

Monitor deployments and upload JavaScript source maps with https://t.co/ZvhN0GP9jC’s new GitHub Actions. Check out the details here: https://t.co/ic2MZIhyP8 @GitHubEnt #developerproductivity
— elmah.io (@elmah_io) July 19, 2022

Reduce databreach risks with Bearer GitHub Action

2022-07-01T00:00:00+00:00

Bearer is a Static Application Security Testing (SAST) tool that enables security and engineering teams to map sensitive data flows, implement data security controls and mitigate risks of data leaks throughout the development lifecycle.

Still haven’t set up @tryBearer on your codebases? Now you can enable Bearer's data discovery and risk management tool with our official GitHub Action. Read more about it on the blog: https://t.co/SOjEjtv7tX. Get the action now at https://t.co/OiwOwe2jlZ @GitHubEnt pic.twitter.com/naHIDCHv8e
— Bearer (@trybearer) June 30, 2022

Detect malicious build tools and packages in your GitHub Actions workflows

2022-07-01T00:00:00+00:00

GitHub Actions is a great platform for building CI/CD pipelines for your projects. StepSecurity is focused on creating open-source security solutions for CI/CD platforms and we’re excited to announce that we have partnered with GitHub to release a GitHub Action called Harden Runner that can detect compromised build tools and dependencies in your GitHub Actions workflows.

Detect malicious build tools and packages in your GitHub Actions workflows using Harden Runner GitHub Action, available in the @github Marketplace @GitHubEnt. Blog post: https://t.co/JnekKCCfBi
— StepSecurity (@step_security) May 18, 2022

Getting Started with Ingesting GitHub GHAS Alerts slides

2022-05-26T00:00:00+00:00

Slides: These slides provide an overview of how to ingest GitHub Advanced Security alerts into third party solutions

Figma Widget

2022-05-12T15:35:40+00:00

Go from brainstorming and planning to building with fewer steps in between with the new GitHub widget for FigJam!

Go from brainstorming and planning to building with fewer steps in between with the new GitHub widget for FigJam!https://t.co/SRiheAuQOU pic.twitter.com/D3B1qLg2wH
— GitHub (@github) May 10, 2022

Cloud 66

2022-05-12T07:04:15+00:00

Cloud66’s new GitHub App: Deploy your code, directly from the repository to your own servers on any cloud.

🥁 Cloud 66 is available on GitHub Marketplace. Now you can deploy your code, directly from the repository to your own servers on any cloud. @GitHubEnt @GitHub https://t.co/nFTfeEI47K pic.twitter.com/i97OYG6PXY
— Cloud 66 (@cloud66) May 11, 2022