Is Github Safe?

What is Github's trust score?

Github has a Nerq Trust Score of 63.2/100, earning a C+ grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

What are the key security findings for Github?

Github's strongest signal is popularity at 100/100. No known vulnerabilities have been detected. It has not yet reached the Nerq Verified threshold of 70+.

What is Github and who maintains it?

Detailed Score Analysis

Based on 5 dimensions. Data from company registration, SOC 2/ISO 27001 certifications, privacy policy analysis, and app store metadata.

What data does Github collect?

Github is a SaaS platform. GitHub is a code hosting platform owned by Microsoft (acquired 2018 for $7.5B). Based in San Francisco. 100 million+ developers. SOC 2 Type 2, ISO 27001, and FedRAMP certified. Features include repositories, pull requests, Actions (CI/CD), Copilot (A

Privacy score: 60/100. As a SaaS platform, Github processes user data in the cloud. Review the privacy policy for details on data retention, third-party sharing, and data processing locations.

For business use, request a Data Processing Agreement (DPA) and verify GDPR compliance before uploading sensitive data.

Full analysis: Github Privacy Report · Privacy review

Is Github secure?

Security score: 90/100. GitHub is a code hosting platform owned by Microsoft (acquired 2018 for $7.5B). Based in San Francisco. 100 million+ developers. SOC 2 Type 2, ISO 270

Check Github's security page for certifications such as SOC 2 Type II, ISO 27001, or GDPR compliance documentation. These certifications indicate that the vendor follows established security practices and undergoes regular audits.

For enterprise deployments, verify SSO/SAML support, role-based access control, and audit logging capabilities.

Full analysis: Github Security Report

Github Across Platforms

Same developer/company in other registries:

How we calculated this score

Github's trust score of 63.2/100 (C+) is computed from company registration, SOC 2/ISO 27001 certifications, privacy policy analysis, and app store metadata. The score reflects 5 independent dimensions: security (90/100), privacy (60/100), reliability (75/100), transparency (85/100), maintenance (60/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on April 07, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)