This presentation was recorded at GOTO Copenhagen 2023.
https://gotocph.com

Karl Krukow - Senior Director of Software Engineering at GitHub
@karlkrukow

RESOURCES
https://twitter.com/karlkrukow
https://www.linkedin.com/in/krukow
https://github.com/krukow
http://blog.higher-order.net

ABSTRACT
At GitHub we believe that we have both the opportunity and the responsibility to help secure the world's software. Our approach is to focus on empowering developers and GitHub Advanced Security is our product portfolio that we're developing towards this end. This talk provides an overview of GitHub Advanced Security. This covers (i) finding vulnerabilities in your code (code scanning with our static analysis engine CodeQL), (ii) finding and preventing leaks of credentials/tokens (secret scanning), and (iii) securing your (open source) dependencies (supply chain security). We might even touch on how we’re leveraging AI to help developers secure code ;) [...]

TIMECODES
00:00 Intro
02:47 Hacking Fortnite accounts
08:20 1. Your code
13:42 2. Your code dependencies
18:56 3. Secrets for service dependencies
26:03 GitHub advanced security
35:10 CodeQL
51:36 CodeQL Community
54:51 Outro

Download slides and read the full abstract here: https://gotocph.com/2023/sessions/2757