Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How GitHub Uses GitHub to Defend GitHub
Search
Scott J. Roberts
February 24, 2014
Technology
3
300
How GitHub Uses GitHub to Defend GitHub
A talk I gave for a closed conference right around RSA 2014.
Scott J. Roberts
February 24, 2014
Tweet
Share
More Decks by Scott J. Roberts
See All by Scott J. Roberts
Skynet the CTI Intern: Building Effective Machine Augmented Intelligence
sroberts
0
43
DRIVING INTELLIGENCE WITH MITRE ATT&CK: LEVERAGING LIMITED RESOURCES TO BUILD AN EVOLVING THREAT REPOSITORY
sroberts
0
19
Exploring Threat Intelligence: Insights and Tools from Vertex Synapse
sroberts
0
14
Homemade Ramen & Threat Intelligence
sroberts
2
460
Introduction to Open Source Security Tools
sroberts
3
4.8k
Building Effective Threat Intelligence Sharing
sroberts
1
100
Japanese Manufacturing, Killer Robots, & Effective Incident Handling
sroberts
0
100
Crisis Communication for Incident Response
sroberts
1
300
Hipster DFIR on OSX - BSidesCincy
sroberts
3
3.2k
Other Decks in Technology
See All in Technology
LINE WORKSへ簡単通知!Incoming Webhookアプリの紹介
mmclsntr
0
110
コンテナ・K8s研修 - 後半 Kubernetes 基礎&ハンズオン【MIXI 24新卒技術研修】
mixi_engineers
PRO
1
120
ギークの理想が7つ集まるエムスリーで夢を叶えよう - エムスリー株式会社
m3_engineering
1
260
公共領域から学ぶ クラウド移行についてエンジニアが意識していること
kawakawa2222
0
140
Luupの開発組織におけるインシデントマネジメントの変遷 ver.RoadtoSRENEXT2024
grimoh
1
270
シフトレフトで挑む セキュリティの生産性向上
sekido
PRO
0
270
データ分析基盤を作ってみよう~設計編~
nrinetcom
PRO
1
110
エンジニアリングマネージャーはどう学んでいくのか #devsumi / How Do Engineering Managers Continue to Learn and Grow?
expajp
4
1.3k
ここがすごいよ! AWS Systems Manager!
saichan11
0
1.8k
[I/O Extended Android 2024] What`s new in Android 2024
kyeongwan
0
220
DevIO2024_レガシー運用からの脱却 -クラウド活用の実践事例とベストプラクティス-
jun2882
0
210
dxd2024-生成AIに振り回された3か月間の成功と失敗/dxd2024-link-and-motivation
lmi
2
260
Featured
See All Featured
From Idea to $5000 a Month in 5 Months
shpigford
377
46k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
353
29k
A better future with KSS
kneath
231
17k
Stop Working from a Prison Cell
hatefulcrawdad
266
20k
4 Signs Your Business is Dying
shpigford
178
21k
YesSQL, Process and Tooling at Scale
rocio
166
14k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
121
18k
The Brand Is Dead. Long Live the Brand.
mthomps
52
36k
What's new in Ruby 2.0
geeforr
338
31k
Code Review Best Practice
trishagee
58
16k
Large-scale JavaScript Application Architecture
addyosmani
506
110k
[RailsConf 2023] Rails as a piece of cake
palkan
35
4.4k
Transcript
! To Defend Scott J Roberts Bad Guy Catcher Uses
How
this isn’t a sales pitch… but it is about using
GitHub the product
Our Goals • Use current tools & paradigms • Fast
• Secure • Transparent to coworkers
We live on GitHub (shocking!) • Writing code • Writing
documentation • Having long running collaborative discussions • So why not incident response?
Our Incident Process • Create an incident name • Create
an incident branch • Apply the Incident Template • Open a Pull Request • “Run it down” • Finalize & Merge • it
Create an incident name • Two word names • First
word is “actor” - to the extent we know • Second word is the incident • Initials should be unique
Create an “Incident Branch”
Add Incident Template
Our Templates
Our Templates
Git Add, Commit, & Push
Open a Pull Request
Open a Pull Request
“Run it down”
“Run it down” • Using the Pull Request workflow for
IR: • Ties response directly to the code, such as fixes • Allows us to pull in relevant users & teams as necessary • Lets us categorize, organize, & track using Milestones, Labels, & States
Finalize and Merge
it • We share GitHub security incidents with all Hubbers
• This helps us with a few things: • Raising OpSec awareness • Identifying & developing new features • Building user trust
Quick Review 1. Create a branch 2. Add & fill
out template 3. Add, commit, & push 4. Open a Pull Request 5. “Run it down” 6. Finalize & Merge
Wake Up, Go T o War