Open source software plays a crucial role in modern software development, with 99% of codebases incorporating open source components, which can introduce both innovation and security risks. GitHub has been proactive in enhancing open source security by acquiring tools like Dependabot and Semmle, establishing the GitHub Security Lab, and forming the Open Source Security Coalition to address vulnerabilities and promote best practices. This coalition, which includes major tech companies such as Google and Microsoft, has now evolved into the Open Source Security Foundation (OpenSSF) to unify efforts in securing open source software. GitHub's continued commitment to open source security is evident through its investment in new security features and ongoing collaboration with the open source community, aiming to protect and enhance the global software ecosystem.