
How GitHub Uses GitHub to Defend GitHub

A talk I gave for a closed conference right around RSA 2014.

Scott J. Roberts

February 24, 2014

Transcript

1. Our Goals
   • Use current tools & paradigms
   • Fast
   • Secure
   • Transparent to coworkers

2. We live on GitHub (shocking!)
   • Writing code
   • Writing documentation
   • Having long running collaborative discussions
   • So why not incident response?

3. Our Incident Process
   • Create an incident name
   • Create an incident branch
   • Apply the Incident Template
   • Open a Pull Request
   • “Run it down”
   • Finalize & Merge
   • it

4. Create an incident name
   • Two word names
   • First word is “actor” - to the extent we know
   • Second word is the incident
   • Initials should be unique

5. “Run it down”
   • Using the Pull Request workflow for IR:
     • Ties response directly to the code, such as fixes
     • Allows us to pull in relevant users & teams as necessary
     • Lets us categorize, organize, & track using Milestones, Labels, & States

6. it
   • We share GitHub security incidents with all Hubbers
   • This helps us with a few things:
     • Raising OpSec awareness
     • Identifying & developing new features
     • Building user trust

7. Quick Review
   1. Create a branch
   2. Add & fill out template
   3. Add, commit, & push
   4. Open a Pull Request
   5. “Run it down”
   6. Finalize & Merge
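The naming rule from slide 4 and steps 1 to 3 of the quick review, as an added bash example; this is not GitHub's own tooling and the real Incident Template is not on the page. Assumed: branch names are prefixed `incident/`, each incident gets one Markdown file under `incidents/`, existing incident names are kept one per line in a text file so the initials check has something to compare against, and the template layout is my own. The incident names and the throwaway repository in the demo are constructed.

```bash
#!/usr/bin/env bash
# Added example, not GitHub's own tooling: bootstrap an incident the way the
# slides describe. Assumed: branch prefix "incident/", a directory
# "incidents/" holding one Markdown file per incident, and the template layout.
set -u

# Slide 4: two-word name "<actor>-<incident>", lower-cased, safe for a branch.
incident_name() {
  printf '%s-%s\n' "$1" "$2" | tr '[:upper:]' '[:lower:]' | tr -cd 'a-z0-9\n-'
}

# Initials of a two-word name ("panda-phishing" -> "pp").
incident_initials() {
  local actor="${1%%-*}" incident="${1#*-}"
  printf '%s%s\n' "${actor:0:1}" "${incident:0:1}"
}

# Slide 4: initials must be unique. $2 is a file with one existing incident
# name per line. Returns 0 if the initials are unused, 1 on a collision.
initials_unique() {
  local want existing
  want="$(incident_initials "$1")"
  while IFS= read -r existing; do
    [ -n "$existing" ] || continue
    [ "$(incident_initials "$existing")" != "$want" ] || return 1
  done < "$2"
  return 0
}

# Assumed template (the real Incident Template is not shown on the page).
write_incident_template() {
  cat > "$2" <<EOF
# Incident: $1

- Opened: $(date -u +%Y-%m-%dT%H:%M:%SZ)
- Status: open
- Responders:

## Summary

## Timeline (UTC)

## Indicators

## Fixes (link the PRs and commits)

## Lessons learned
EOF
}

# Steps 1-3 of the quick review: branch, template, add + commit. Prints the
# branch name; pushing and opening the Pull Request are left to the responder.
start_incident() {
  local name="$1" repo="$2" branch="incident/$1"
  git -C "$repo" checkout -q -b "$branch"
  mkdir -p "$repo/incidents"
  write_incident_template "$name" "$repo/incidents/$name.md"
  git -C "$repo" add "incidents/$name.md"
  git -C "$repo" -c user.name=ir -c user.email=ir@example.invalid \
    commit -q -m "Open incident $name"
  printf '%s\n' "$branch"
}

# Demo on constructed data: two existing incidents, one new one, a throwaway repo.
demo() {
  local work list name repo
  work="$(mktemp -d)"
  list="$work/incidents.txt"
  printf 'panda-phishing\ncrane-credential\n' > "$list"   # constructed list
  name="$(incident_name Tiger Token)"                      # -> tiger-token
  initials_unique "$name" "$list" && echo "initials $(incident_initials "$name") are free"
  initials_unique panda-password "$list" || echo "panda-password collides on initials (pp)"
  if command -v git >/dev/null 2>&1; then
    repo="$work/repo"
    git init -q "$repo"
    git -C "$repo" -c user.name=ir -c user.email=ir@example.invalid \
      commit -q --allow-empty -m "init"
    echo "created branch $(start_incident "$name" "$repo")"
    echo "next: git push -u origin incident/$name, then open the Pull Request"
  fi
  rm -rf "$work"
}
demo
```

The initials check is the part worth automating: with two-word names the first letters are what people end up using as shorthand in chat and labels, so a collision like `panda-phishing` versus `panda-password` is caught before the branch exists rather than after the PR is open. The script stops short of the push and the PR on purpose; those steps depend on the remote and on whatever client you use, and the slides' point is that from that moment on the incident lives in the Pull Request itself.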