We also want to show some examples so you can see our data is accurate, and to show some interesting ways some companies are using GitHub products.
Semiconductors & AI ยท Santa Clara, CA ยท GitHub Enterprise + Packages
Nvidia is a GitHub Enterprise customer with around 36,000 employees. Their GitHub Enterprise instance enforces Microsoft SSO, so engineers authenticate through their corporate Microsoft account before accessing any repos.
Nvidia uses GitHub as the main place they publish and distribute the open source software tools they build for AI infrastructure. One of the ways they do this is through GitHub Packages, which is essentially a hosting service built into GitHub where you can publish software that other people and teams can then download and use. Rather than putting their tools on a separate download site, Nvidia publishes everything directly on GitHub where their developers already live.
The list of what they're publishing reads like a map of what Nvidia is actually shipping for AI infrastructure. There's a CUDA Quantum developer environment that has been pulled over 5.6 million times, a plugin that lets Kubernetes clusters see and use NVIDIA GPUs, and a GPU Operator that automates driver installation across a cluster rather than requiring someone to do it manually on each machine.
Nearly every engineering team uses GitHub as the operational layer for building, testing, and releasing software, not just for storing code. Their TensorRT-LLM team has dedicated engineers whose job is specifically to maintain the automated pipelines that run every time code is submitted, making sure builds and tests happen without manual intervention.
Industrial Technology ยท Munich, Germany ยท GitHub Enterprise + Copilot + Actions + Jenkins
Siemens is a GitHub Enterprise customer with around 300,000 employees globally. Their GitHub Enterprise instance enforces Microsoft SSO login, so engineers authenticate through their corporate Microsoft account before accessing any repos.
They have over 200 open source repositories on GitHub across industrial software, design systems, and tooling. One of the more interesting examples is their EFI Boot Guard repository. EFI Boot Guard is a bootloader, meaning it's the software that runs before the operating system starts up on a device. Getting it wrong can brick the hardware, so correctness across different chip architectures matters a lot.
Their GitHub Actions workflow for that project builds and tests the code across five hardware architectures simultaneously: amd64, i386, arm64, arm, and riscv64. Every time someone submits a change, GitHub Actions automatically verifies it works on all five before anything gets merged.
They've also wired Coverity into that same workflow. Coverity is a code scanning tool used in safety-critical software development to catch security vulnerabilities before they ship. Rather than running it as a separate manual process, it fires automatically as part of the GitHub Actions workflow, with results sent directly to the Synopsys platform. Credentials are stored as GitHub secrets so nothing sensitive is exposed in the code. It's a clean example of GitHub Actions being used not just for building and testing, but as the delivery mechanism for third-party security tooling.
Finally, Siemens is also rolling out GitHub Copilot across their engineering workforce. Siemens Healthineers has active research projects built around it, exploring how far engineers can get by describing a software feature in plain language and having Copilot generate the working code from that description.
Education Technology ยท Salt Lake City, UT ยท GitHub Enterprise + Copilot + Actions
Instructure is a GitHub Enterprise customer with around 2,200 employees. They make Canvas, the open-source LMS used by roughly 4,000 institutions across K-12, higher education, and corporate learning.
Their GitHub Enterprise instance enforces Okta SSO, so engineers log in through their corporate Okta account before accessing any repos.
GitHub Actions is their standard CI/CD tool across all engineering, automating the process of building, testing, and deploying code every time a change is submitted. It runs alongside Jenkins across the organization. Beyond just build and test, their security team has wired additional checks into those same pipelines, including dependency scanning with Snyk and static code analysis, so vulnerabilities get caught during development rather than after code ships.
On top of that, Instructure has made GitHub Copilot a formal requirement rather than a suggestion. Engineers are expected to integrate AI coding tools into every aspect of their work, including writing new features, responding to incidents, and investigating production issues. Most companies encourage AI tool adoption; Instructure has made it part of the job description.
Biometric Identity ยท Cambridge, UK ยท GitHub Enterprise + Copilot + Actions
Simprints is a nonprofit building biometric identity technology for use in low-resource healthcare and aid settings. Their flagship product is the Android-Simprints-ID app, which integrates fingerprint and face scanning directly into health worker workflows in the field.
Their GitHub Enterprise instance enforces Google SSO, so engineers authenticate through their corporate Google account before accessing any repos.
They're also on GitHub Copilot. Their Biometrics-Simface-SDK uses a copilot-setup-steps.yml GitHub Actions workflow to pre-provision Copilot's environment before it starts writing or reviewing code: Node.js 24, frontend dependencies, and a separate install pass for the demo app.
On the main Android-Simprints-ID repo, GitHub Actions handles a multi-stage deploy pipeline with separate workflows for dev, internal, and release tracks. Copilot code review runs on every PR, and a Copilot coding agent is enabled so it can be assigned issues and open PRs directly.
Defense & Technology ยท Paris, France ยท GitHub Enterprise + Copilot + Actions
Thales Group is a GitHub Enterprise customer with around 77,000 employees and over 300 public repositories on GitHub spanning defense systems, cybersecurity tooling, formal verification, ML frameworks, and cryptography infrastructure.
Thales uses GitHub Copilot, and their Fred repository has a detailed Copilot instructions file that sets strict defaults for how engineers should work in the codebase: keep things simple, don't over-engineer, run quality and test checks on every change. It also tells Copilot to read four internal architecture docs before touching anything, so it has enough context to work within their existing system rather than inventing its own patterns.
They use GitHub Actions for CI on the Fred repository. Every PR triggers three workflows: a Docker image build, a CodeQL security scan, and a PR validation check. The Docker build pushes to a dev registry on every PR, not just on merges, so every branch under review has a deployable image. Copilot code review also runs on every PR automatically.
Telecommunications ยท Espoo, Finland ยท GitHub Enterprise + Copilot + Actions
Nokia is a GitHub Enterprise customer with around 86,000 employees. They have over 600 public repositories on GitHub with a stated 20+ year history in open source, plus separate orgs for Nokia Bell Labs research and the Kubenet network automation community.
Their GitHub Enterprise instance enforces Microsoft SSO. The login page identifies the MN RAN team specifically, suggesting different business units run their own Enterprise instances rather than one company-wide org.
Nokia is on GitHub Copilot as well. Their MCP Redfish Server is one of Nokia's repos with a Copilot instructions file. It's a server that lets AI agents interact with networking infrastructure using plain language rather than raw API calls. The instructions document the full architecture so Copilot understands how the project is structured before writing any code.
Their Moler repository uses GitHub Actions for Python CI on every push, running tests across the library's network device communication stack.
Database Software ยท New York, NY ยท GitHub Enterprise + Copilot + Actions
MongoDB is a GitHub Enterprise customer with around 5,500 employees, also using Cursor and Statsig across their engineering organization. They have 298 public repositories on GitHub: the database server, official drivers for Node.js, Go, Python, Ruby, and PHP, Kubernetes operators, Terraform and CloudFormation providers, plus a substantial labs org.
MongoDB uses GitHub Copilot, and their docs monorepo uses Copilot instructions to set different rules depending on which part of the repo you're in. The most interesting rule is in the code examples section: those utilities are used by technical writers, not engineers, so Copilot is told to keep everything as simple as possible. There's also one instruction in plain caps: do not print success messages when there are failing tests. Just fix them.
Their Terraform Atlas provider has over 49,000 GitHub Actions workflow runs. Every PR requires a changelog entry and a migration guide check before it can merge. There's also a full test suite that runs on a schedule and takes over an hour, plus a workflow that automatically updates the Atlas Go SDK when new versions are released.
To handle that volume, MongoDB runs self-hosted GitHub Actions runners rather than using GitHub's default servers. When you use GitHub's standard infrastructure, you're limited in terms of hardware, runtime, and cost. By running their own machines, MongoDB gets full control over the environment and can scale capacity to match the volume of builds and tests their repos generate -something that matters when you have 298 public repositories and test suites that run for over an hour.
Enterprise Software ยท Fort Lauderdale, FL ยท GitHub Enterprise + Copilot + Actions
Citrix is a GitHub Enterprise customer with around 10,000 employees. Their GitHub Enterprise instance enforces Okta SSO.
They're also a GitHub Copilot customer. Their terraform-provider-citrixadc repository has a Copilot instructions file that gives Copilot enough context to work on a Terraform provider for a networking product with its own proprietary API. Without that context, Copilot would generate generic Terraform patterns that don't match how the ADC actually works. Copilot has been rolled out broadly across engineering, from Android development to cloud security, rather than being limited to specific areas.
GitHub also runs deeper into the organization than just engineering. Citrix's technical writers use it too, managing and publishing product documentation the same way engineers manage code: through GitHub, using Markdown files and pull requests. The same review and collaboration workflows that engineers use for code are also used for the documentation that ships alongside the product.
Retail ยท Atlanta, GA ยท GitHub Enterprise + Copilot
Home Depot is a GitHub Enterprise customer with around 500,000 employees. Their GitHub Enterprise instance enforces Microsoft SSO.
They use GitHub Actions as their standard CI/CD tool across engineering, running automated build, test, and deployment pipelines whenever code is submitted. Their cloud infrastructure runs on GCP, and GitHub sits at the center of how engineering manages everything from application code to infrastructure changes. GitOps is part of how they operate their cloud platform, meaning infrastructure changes go through the same Git-based review and approval process as any other code change.
They also use GitHub Copilot. Their trainer repository has a Copilot instructions file that's almost entirely about one thing: stopping Copilot from generating Go code that won't compile. Go is a programming language with strict rules about how files have to be structured, and the instructions also ban several patterns that look like they'd work but quietly break in practice -the kind of guardrails you add after watching an AI confidently produce something that falls apart the moment you actually run it.
Financial Services ยท New York, NY ยท GitHub Enterprise + Copilot + Actions + DX
Morgan Stanley is a GitHub Enterprise customer with around 80,000 employees globally. For a bank their size, having 50 public open source repositories is notable. They cover a range: C++ low-latency profiling tools, a Kafka client API, Python testing frameworks, TypeScript desktop container libraries, and FDC3 financial data standards. There's a dedicated Open Source Programs Office managing the org.
They use GitHub Copilot, and their Needle repository, a TypeScript dependency injection library, uses it to help contributors work within strict quality standards: a defined validation sequence before any PR, and rules that stop Copilot from touching auto-generated files. Copilot use at Morgan Stanley extends well beyond software engineering -it shows up in trade surveillance, regulatory reporting, and wealth management, which is notable for a heavily regulated firm where you might expect more caution around AI tooling in sensitive areas.
The GitHub Actions setup reflects the fact that this is a bank publishing open source tooling. Every push runs an OpenSSF Scorecard scan, which grades the repo's security posture for anyone considering using it as a dependency. There's also a matrix that tests compatibility across multiple TypeScript versions, and CodeQL for code analysis.
Infrastructure Software ยท San Francisco, CA ยท GitHub Enterprise + Copilot + Actions
HashiCorp is a GitHub Enterprise customer known for Vault, Terraform, and the broader infrastructure-as-code ecosystem. Their Vault repository has 35k stars and one of the more structured GitHub Copilot setups we've seen.
Rather than one instructions file for the whole repo, Vault uses separate Copilot instruction files for each part of the codebase: Go, Go tests, Ember.js, templates, styles, and so on. Each file only applies to the relevant file types. The practical benefit is that Copilot gets precise, relevant guidance wherever it's working rather than a generic brief it has to interpret.
The Vault Actions setup reflects the scale of an open source security project with 35k stars and 104,000+ workflow runs. Every PR enforces changelog, milestone, and copyright header checks before merge. There's also an automated backport assistant that handles cherry-picking fixes across the OSS and Enterprise branches.
Cybersecurity & Data Protection ยท Schaffhausen, Switzerland ยท GitHub Enterprise + Copilot + Actions
Acronis is a GitHub Enterprise customer with around 1,900 employees. They make backup, disaster recovery, and endpoint security software, and GitHub Enterprise sits at the center of how they operate -listed as a core tool alongside Kubernetes, Ansible, Datadog, and PagerDuty for the engineers keeping their cloud platform running. They have over 20 open source repositories on GitHub covering SDKs, integrations, and UI tooling.
They're also on GitHub Copilot. Their shadcn-uikit repository -a React component library they open sourced -has Copilot instructions detailed enough to double as an onboarding guide: testing setup, component conventions, and how the workspace is structured. The most notable rule is a safety one: Copilot is not allowed to run any command that installs dependencies or mutates state without explicit approval first.
GitHub Actions handles the full release pipeline: build, lint, type checks, tests, and separate workflows for publishing to npm and deploying the Storybook documentation site.
Enterprise Software ยท Sydney, Australia ยท GitHub Enterprise + Actions
Atlassian is a GitHub Enterprise customer with around 12,000 employees. Their GitHub Enterprise instance enforces Okta SSO. Worth noting that Atlassian makes Jira, Bitbucket, and Confluence, their own competing products, yet uses GitHub Enterprise internally.
GitHub Actions is their standard CI/CD tool across engineering. Two of their public repositories show what that looks like in practice.
Their atlascode repository is the official Atlassian VS Code extension, which brings Jira and Bitbucket directly into the IDE. GitHub Actions publishes a nightly build automatically every day. The releases page shows hundreds of consecutive nightly builds tagged and shipped without manual intervention, a good example of using GitHub Actions to maintain a daily release cadence for a developer tool.
Their pragmatic-drag-and-drop repository (12.5k stars) shows another pattern: commits to the public GitHub repo come from a one-way-sync bot, meaning the actual development happens in Atlassian's internal monorepo and changes are pushed out to GitHub automatically.
Data & Analytics ยท San Diego, CA ยท GitHub + Copilot + Actions
Teradata is a GitHub customer with around 6,000 employees. They use GitHub to host their developer portal, which covers quickstarts, documentation, downloads, and community resources for their Vantage data platform. The portal is built with Docusaurus and deployed via GitHub Pages, meaning every code change automatically publishes to the live site.
Their Covalent repository is their open source Angular UI component library with 2.2k stars. Every PR runs Chromatic for visual regression testing, catching unintended component changes before merge. Every commit to main triggers an automatic release and deploys the updated docs to GitHub Pages.
Teradata also uses GitHub Copilot across engineering. What's notable is where it shows up: not just in general software development, but specifically in their AI platform and cloud infrastructure work, where engineers are expected to use it as part of their standard development process.
Entertainment & Ticketing ยท Beverly Hills, CA ยท GitHub Teams + Actions
Ticketmaster is a GitHub Teams customer with around 7,000 employees. Like Teradata, they use GitHub to host their developer portal, which covers their Discovery API, Webhooks, and partner SDKs for third-party developers building on top of the Ticketmaster platform.
Their iOS SDK repository uses GitHub Actions in a simple but clean way: every time a new release is published on GitHub, Actions automatically deploys the updated SDK documentation to GitHub Pages. The docs always reflect the latest release without anyone having to manually trigger a deploy.
Centreville Bank
Sona Asset Management
Seaboard Overseas and Trading Group
Al Ghurair Group
PeriGen
Advanced Education Research and Development Fund (AERDF)
Nexus Energรญa
NexTReT
Next Securities
Nerostein
UW Credit Union
uOttawa Institute of the Environment (IE)
Univeris
UNFI
Medisa
Marston Holdings
LevelShift
Softcat
Koรงtaล
International Finance Bank (IFB)
Nvidia
Siemens
Instructure
Simprints
Thales Group
Nokia
MongoDB
Citrix
Home Depot
Morgan Stanley
HashiCorp
Acronis
Atlassian
Teradata
Ticketmaster
