Security Assessment - Github

[bponeill15]

Select Topic Area

Question

Body

I work in IT at a USA law firm. We are required to do a security assessment on GitHub prior to purchasing licenses. We would send a link to a questionnaire (CAIQ) and need a contact person or email. How can GitHub help us with this request?

[davevad93]

Hi @bponeill15,

You can contact GitHub via the following contact methods:

1. By opening a ticket here.
2. Reach out via Twitter/X @github.
3. Send them an email at support@github.com.

[CoderSadhan]

To request a security assessment or complete a CAIQ questionnaire for GitHub, you should contact the GitHub Sales or Security team directly. The best way is to submit your request through the GitHub Sales Contact Form
or email sales@github.com
explaining that your organization needs to perform a security assessment before purchasing licenses. You can mention that you need a point of contact for completing the CAIQ form. GitHub’s enterprise or trust team will then connect you with the right person to handle your organization’s security and compliance inquiries.

[bponeill15]

Davide, thank you for your response. the response I received just before yours suggested I contact the sales team at ***@***.******@***.***> which I did. …but depending on how they respond I will use your suggestion to contact support as my next move. Thanks again Brian Brian P. O’Neill (IS) Software Compliance Administrator Fox Rothschild LLP direct (215) 299-2045 Internal 801-2045 From: Davide Presti ***@***.***> Sent: Friday, October 17, 2025 1:38 PM To: community/community ***@***.***> Cc: O'Neill (IS), Brian P. ***@***.***>; Mention ***@***.***> Subject: [EXT] Re: [community/community] Security Assessment - Github (Discussion #177248) Hi @bponeill15<https://github.com/bponeill15>, You can contact GitHub via the following contact methods: 1. By opening a ticket here<https://support.github.com/contact/account> and selecting "Other". 2. Reach out via Twitter/X @github<https://x.com/github>. 3. Send them an email at ***@***.******@***.***>. — Reply to this email directly, view it on GitHub<#177248 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AZ2V7L252VW4FJIU4BBBVEL3YESP3AVCNFSM6AAAAACJPUU7SOVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTINZRGIZTQOI>. You are receiving this because you were mentioned.Message ID: ***@***.***> This email contains information that may be confidential and/or privileged. If you are not the intended recipient, or the employee or agent authorized to receive for the intended recipient, you may not copy, disclose or use any contents in this email. If you have received this email in error, please immediately notify the sender at Fox Rothschild LLP by replying to this email and delete the original and reply emails. Thank you.

[bponeill15]

Sadhan, thank you very much for your response. I did exactly what you suggested and emailed the Sales Team. This was the answer I was looking for. Thanks again Brian Brian P. O’Neill (IS) Software Compliance Administrator Fox Rothschild LLP direct (215) 299-2045 Internal 801-2045 From: Sadhan Das ***@***.***> Sent: Friday, October 17, 2025 2:06 PM To: community/community ***@***.***> Cc: O'Neill (IS), Brian P. ***@***.***>; Mention ***@***.***> Subject: [EXT] Re: [community/community] Security Assessment - Github (Discussion #177248) To request a security assessment or complete a CAIQ questionnaire for GitHub, you should contact the GitHub Sales or Security team directly. The best way is to submit your request through the GitHub Sales Contact Form<https://github.com/enterprise/contact> or email ***@***.******@***.***> explaining that your organization needs to perform a security assessment before purchasing licenses. You can mention that you need a point of contact for completing the CAIQ form. GitHub’s enterprise or trust team will then connect you with the right person to handle your organization’s security and compliance inquiries. — Reply to this email directly, view it on GitHub<#177248 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AZ2V7L2RIHRYJUBUHDLOKOL3YEVYNAVCNFSM6AAAAACJPUU7SOVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTINZRGI3TGNQ>. You are receiving this because you were mentioned.Message ID: ***@***.***> This email contains information that may be confidential and/or privileged. If you are not the intended recipient, or the employee or agent authorized to receive for the intended recipient, you may not copy, disclose or use any contents in this email. If you have received this email in error, please immediately notify the sender at Fox Rothschild LLP by replying to this email and delete the original and reply emails. Thank you.

[bponeill15]

Sadhan, quick follow-up. The email I sent to ***@***.******@***.***> bounced back with a message that it is no longer supported and that I should reach out to their support team instead. …which I did. Thanks Brian Brian P. O’Neill (IS) Software Compliance Administrator Fox Rothschild LLP direct (215) 299-2045 Internal 801-2045 From: O'Neill (IS), Brian P. Sent: Monday, October 20, 2025 10:22 AM To: 'community/community' ***@***.***>; community/community ***@***.***> Cc: Mention ***@***.***>; Jones, James ***@***.***> Subject: RE: [EXT] Re: [community/community] Security Assessment - Github (Discussion #177248) Sadhan, thank you very much for your response. I did exactly what you suggested and emailed the Sales Team. This was the answer I was looking for. Thanks again Brian Brian P. O’Neill (IS) Software Compliance Administrator Fox Rothschild LLP direct (215) 299-2045 Internal 801-2045 From: Sadhan Das ***@***.******@***.***>> Sent: Friday, October 17, 2025 2:06 PM To: community/community ***@***.******@***.***>> Cc: O'Neill (IS), Brian P. ***@***.******@***.***>>; Mention ***@***.******@***.***>> Subject: [EXT] Re: [community/community] Security Assessment - Github (Discussion #177248) To request a security assessment or complete a CAIQ questionnaire for GitHub, you should contact the GitHub Sales or Security team directly. The best way is to submit your request through the GitHub Sales Contact Form<https://github.com/enterprise/contact> or email ***@***.******@***.***> explaining that your organization needs to perform a security assessment before purchasing licenses. You can mention that you need a point of contact for completing the CAIQ form. GitHub’s enterprise or trust team will then connect you with the right person to handle your organization’s security and compliance inquiries. — Reply to this email directly, view it on GitHub<#177248 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AZ2V7L2RIHRYJUBUHDLOKOL3YEVYNAVCNFSM6AAAAACJPUU7SOVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTINZRGI3TGNQ>. You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>> This email contains information that may be confidential and/or privileged. If you are not the intended recipient, or the employee or agent authorized to receive for the intended recipient, you may not copy, disclose or use any contents in this email. If you have received this email in error, please immediately notify the sender at Fox Rothschild LLP by replying to this email and delete the original and reply emails. Thank you.

[bponeill15]

Davide, turns out, you were right. The email I sent to ***@***.******@***.***> bounced back with a message that it is no longer supported and that I should reach out to their support team instead. …which I did using the steps you gave me in your original response below. Needless to say, I am very impressed with the GitHub Community and the quick responses I received. Thank you again Brian Brian P. O’Neill (IS) Software Compliance Administrator Fox Rothschild LLP direct (215) 299-2045 Internal 801-2045 From: O'Neill (IS), Brian P. Sent: Monday, October 20, 2025 10:18 AM To: 'community/community' ***@***.***>; community/community ***@***.***> Cc: Mention ***@***.***> Subject: RE: [EXT] Re: [community/community] Security Assessment - Github (Discussion #177248) Davide, thank you for your response. the response I received just before yours suggested I contact the sales team at ***@***.******@***.***> which I did. …but depending on how they respond I will use your suggestion to contact support as my next move. Thanks again Brian Brian P. O’Neill (IS) Software Compliance Administrator Fox Rothschild LLP direct (215) 299-2045 Internal 801-2045 From: Davide Presti ***@***.******@***.***>> Sent: Friday, October 17, 2025 1:38 PM To: community/community ***@***.******@***.***>> Cc: O'Neill (IS), Brian P. ***@***.******@***.***>>; Mention ***@***.******@***.***>> Subject: [EXT] Re: [community/community] Security Assessment - Github (Discussion #177248) Hi @bponeill15<https://github.com/bponeill15>, You can contact GitHub via the following contact methods: 1. By opening a ticket here<https://support.github.com/contact/account> and selecting "Other". 2. Reach out via Twitter/X @github<https://x.com/github>. 3. Send them an email at ***@***.******@***.***>. — Reply to this email directly, view it on GitHub<#177248 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AZ2V7L252VW4FJIU4BBBVEL3YESP3AVCNFSM6AAAAACJPUU7SOVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTINZRGIZTQOI>. You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>> This email contains information that may be confidential and/or privileged. If you are not the intended recipient, or the employee or agent authorized to receive for the intended recipient, you may not copy, disclose or use any contents in this email. If you have received this email in error, please immediately notify the sender at Fox Rothschild LLP by replying to this email and delete the original and reply emails. Thank you.

[davevad93]

You're welcome @bponeill15, glad to help! 👍

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬