Protect Your Code with GitHub Security Features with Rob Bos
This is an online event hosted on Zoom. The link for the meeting is below; however, we'll only announce the password just before the event.
- Welcome
- Housekeeping
- Protect Your Code with GitHub Security Features
- Virtual Bar
Protect Your Code with GitHub Security Features
Creating modern software has a lot of moving parts. We all stand on the shoulders of giants by leveraging closed- or open-source packages and containers that other people have shared. That makes securing our software a lot more complex as well!
In this session you'll learn what possible attack vectors you need to look for, how to protect yourself against them and how to leverage GitHub's features to make your life easier!
Topics:
- Signed Commits
- Dependabot updates
- Dependency scanning for known vulnerabilities
- Secret scanning (and revoking) out of the box
- Using CodeQL
Rob Bos
Rob has a strong focus on ALM and DevOps, automating manual tasks and helping teams deliver value to the end user faster using DevOps techniques. He applies this to anything he comes across, whether it's an application, infrastructure, serverless or training environments. Additionally, Rob focuses on the management of production environments, including dashboarding and usage statistics for product owners and stakeholders, but also as part of the feedback loop to the developers. A lot of his focus goes to GitHub and GitHub Actions, improving the security of applications and DevOps pipelines.