GitHub Advanced Security Reviews

The primary use case for GitHub Advanced Security is for SCSS (Semantic Code Search and Scan) dependencies scan and secret scan.

The most valuable features are security scan, dependency scan, and cost-effectiveness. Microsoft owns the platform, and it is included with Azure DevOps. We get a lot of good features at a very low cost.

There could be DST features included in the product.

We have been using GitHub Advanced Security for six months.

The stability of GitHub Advanced Security within Azure DevOps is highly commendable. Its serverless architecture, maintained by Microsoft, eliminates scaling concerns and load-related worries. The absence of maintainability costs, such as server upgrades, reduces administrative overhead.

We have 500 GitHub Advanced Security users in our organization.

We refer to the Microsoft documentation in case of technical issues.

The decision to switch or adopt GitHub Advanced Security was driven by the seamless integration and alignment with Microsoft technologies, eliminating the need for additional tools with their cloud or dependencies.

It provides one-click integration. It saves a lot of additional costs for setup and third-party consultancy compared to other vendors. It has severless maintenance, which is taken care of by Microsoft.

It is a user-friendly tool for those new to security, offering ease of use and integration within an organization. However, another specialized tool may be required for more advanced security needs, especially concerning data security testing (DST) and potentially information security management systems (ISMS). I rate GitHub Advanced Security a ten out of ten.

We keep our firewall security in place. Customers use GitHub because they don't want to coordinate with many tools. 

GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need.

For customers, GitHub Advanced Security is valuable for several reasons. It offers server security and the key features. 

The report limitations are the main issue. We can only see a limited number of reports from Advanced Security. Many enterprise customers would prefer PDF reports. 

I've had experience with this solution for about a year.

It's a stable product. I would rate the stability a nine out of ten.

It is highly scalable. Our clients are enterprise businesses. 

The customer service and support is fine.

Positive

The initial setup was very easy; it wasn't difficult. 

GitHub allows for quick deployment depending on the customer's specific needs.  

Overall, I would rate the solution a ten out of ten.