Getting started with GitHub security - it’s easier than you think

Tech Talks
Thu, Jul 28, 8:00 AM (CDT)

GitHub is one of the most popular SCM (source control management) systems in the world, but many people still miss some easy-to-implement security measures meant to help protect their code. In this session, we will go over SCM security posture, show what it means when it’s not implemented, and show how to implement the relevant recommended security settings in GitHub.

About this event

GitHub is one of the most popular SCM (source control management) systems in the world, but many people still miss some easy-to-implement security measures meant to help protect their code.

SCM security posture can in general be divided into several categories:

  1. Access control - who can access your repo
  2. Permissions - what can they do once they have access
  3. Branch Protection - preventing breaking changes from being implemented on critical branches
  4. File Modification Tracking - preventing or detecting attack steps that exploit file access permissions

As is often the case when it comes to security, transparency and visibility are key. It’s important to see what your security posture is and how it changes over time rather than setting something up and forgetting about it.

We’ll go over each of the categories, explain it, show what it means when it’s not implemented, and show how to implement the relevant recommended security settings in GitHub.

Speaker