GitHub at BSides Portland

The conference will feature keynote speeches from well-known leaders who will provide insights into the latest research and trends in cybersecurity. Our booth will have knowledgeable folks who can brief you about GitHub’s latest offerings, security best practices, and more. Stop by for a chat or drop by our speaking session:

Securing your Open Source Project
GitHub has made substantial investments to improve the overall security of the open source supply chain. In this presentation we’ll share updates from our journey to secure open source projects on GitHub and share hands-on guidance about how to enable free features available on GitHub to help with code security and analysis. From a tools perspective we’ll demonstrate how to use GitHub features to identify and prevent API credentials leaked in code and we’ll share what we do when we find API credentials in code on github.com. We’ll share how to identify and prevent insecure coding patterns in code using CodeQL, a static analysis security testing tool for application security embedded directly into GitHub, and we’ll discuss how we use this tool for open source security research. We’ll also show how to enable Dependabot to identify and prevent insecure or out of date dependencies from entering a project, share how to generate SBOMS, and share how to responsibly disclose security vulnerabilities you may find on GitHub.com.

Date | Friday, October 6 - Saturday, October 7, 2023

Location
Portland State University
1825 SW Broadway
Portland, OR 97201

See you in Portland!