Github has announced plans to unbundle its GitHub Advanced Security (GHAS) product into two standalone products, GitHub Secret Protection and GitHub Code Security, in a move aimed at making its security offering more accessible and cost-effective for organizations of all sizes.

The unbundling, set to take effect on April 1, will allow developers to access advanced code and secret scanning capabilities without requiring a GitHub Enterprise subscription. Currently, GHAS provides private repositories with capabilities to scan for security vulnerabilities and secrets, but the new product plan will make these features more widely available.

GitHub Secret Protection will focus on detecting and preventing secret leaks before they happen, leveraging capabilities such as push protection, secret scanning, AI-powered detection, security insights, and more. Meanwhile, GitHub Code Security will help developers identify and remediate vulnerabilities faster with code scanning, Copilot autofix, security campaigns, dependency review action, and other features.

The move is intended to make GitHub's security offering more accessible and cost-effective, allowing organizations of all sizes to benefit from enterprise-grade security features as they build and offer code. By unbundling GHAS, GitHub aims to provide more flexibility and choice for its users, who can now select the specific security features that best meet their needs.

In addition to the unbundling of GHAS, GitHub is also launching a free secret risk assessment for users to understand secret leak exposure across GitHub. This service, available on April 1 in the Security tab, will provide users with a comprehensive view of their secret risk profile and help them take proactive measures to prevent secret leaks.

The expansion of GitHub's security offering is likely to have significant implications for the industry, as it will provide more organizations with access to advanced security features and capabilities. This, in turn, could lead to improved security practices and a reduction in the number of security breaches and vulnerabilities.

GitHub's move also underscores the growing importance of security in the development process, as organizations increasingly recognize the need to integrate security into every stage of the software development lifecycle. By providing more accessible and cost-effective security features, GitHub is helping to drive this trend forward and promote a culture of security within the development community.

Overall, the unbundling of GHAS and the launch of GitHub Secret Protection and GitHub Code Security represent a significant development in the world of cloud computing and security. As the industry continues to evolve, it will be important to watch how these new products are received by users and the impact they have on security practices more broadly.