Mitigation strategies for dealing with GitHub security breaches
In late September news came out that GitHub repositories were hit by password-stealing commits that were disguised as Dependabot contributions.
Could this threat have been prevented?
What should you do to protect yourself from similar attacks that might affect your IP and software integrity?
Are such automated tools inherently unsafe and how can we trust them with certain caveats, reservations, or mitigations?
Watch this session to get the answers to these questions and gain insights from industry top researchers on safeguarding your Git repositories.