Explore GitHub Advanced Security's role in empowering developers to secure the world's software in this comprehensive talk from GOTO Copenhagen 2023. Delve into the three main pillars of GitHub's security approach: finding vulnerabilities in code through CodeQL static analysis, preventing credential leaks with secret scanning, and securing open-source dependencies. Learn about real-world security breaches, including a Fortnite account hack, to understand the importance of robust security measures. Discover how GitHub leverages AI to enhance code security and get insights into the CodeQL community. Gain valuable knowledge about modern software security practices and tools to protect your projects from potential threats.
GitHub Advanced Security: Securing the World's Software - Lecture
Overview
Syllabus
Intro
Hacking Fortnite accounts
1. Your code
2. Your code dependencies
3. Secrets for service dependencies
GitHub advanced security
CodeQL
CodeQL Community
Outro
Taught by
GOTO Conferences
Related Courses
-
Build community-driven software projects on GitHub
-
Protect Your Code with GitHub Security Features
-
Application Security for Developers
-
GitHub Copilot and Advanced Security - A Quick Tour
-
Protect Your Code with GitHub Security Features
-
From App Security to Dev Security – Shift Left with GitHub Advanced Security
