Our Incident Process • Create an incident name • Create an incident branch • Apply the Incident Template • Open a Pull Request • “Run it down” • Finalize & Merge • it
“Run it down” • Using the Pull Request workflow for IR: • Ties response directly to the code, such as fixes • Allows us to pull in relevant users & teams as necessary • Lets us categorize, organize, & track using Milestones, Labels, & States
it • We share GitHub security incidents with all Hubbers • This helps us with a few things: • Raising OpSec awareness • Identifying & developing new features • Building user trust