---
title: "Keep Confidential Label"
---

## Overview

The **Keep Confidential Label** is a designation utilized in GitHub issues to indicate that the issue contains sensitive information that should not be disclosed to the public. This label is especially significant in the context of **vulnerability disclosures**, where it serves as a protective measure to manage confidentiality.

## Importance

* The label is crucial for developers who need to report vulnerabilities without exposing sensitive data.
* It reflects GitHub's commitment to responsible disclosure practices and the protection of sensitive information.

## Related Concepts

### Vulnerability Disclosure
The **Vulnerability Disclosure** issue template is a structured approach that requires the use of a security label. It ensures that security-related issues are appropriately flagged and managed, incorporating the **Keep Confidential Label** when necessary.

### Security Label
The **Security Label** is a tagging mechanism within GitHub that identifies and categorizes security-related issues. It is required in the Vulnerability Disclosure issue template, playing a vital role in organizing discussions about security concerns.

## Community and Best Practices

In the **GitHub Security Management Community**, the interconnectedness of the **Keep Confidential Label**, the **Vulnerability Disclosure** template, and the **Security Label** highlights a comprehensive approach to managing security vulnerabilities. Each component plays a specific role in ensuring that sensitive information is handled responsibly, thus enhancing the overall security posture of projects hosted on GitHub.

### Key Takeaways
* The **Keep Confidential Label** is essential for maintaining confidentiality in issue tracking.
* It contributes to effective communication of security concerns while safeguarding sensitive information.
* Understanding the role of this label aids developers in navigating vulnerability disclosures responsibly.

By utilizing the **Keep Confidential Label**, GitHub fosters a secure environment for developers to engage in open discussions about vulnerabilities without compromising sensitive data.