GitHub will require 2FA for all users who contribute code on the platform by the end of 2023.
A threat actor used stole OAuth tokens for third-party integrators Heroku and Travis-CI to access and download private GitHub repositories belonging to dozens of companies.
Mike Hanley, CSO of GitHub, recently joined Dennis Fisher on the Decipher podcast to discuss the White House open source security summit in January, the Log4j response, and the challenges of helping millions of developers secure their projects.
Mike Hanley, CSO at GitHub and former VP of security at Duo Security, joins Dennis Fisher to talk about the open source security summit at the White House, the Log4j response, and how the tech industry can support the open source community.
GitHub is opening is security Advisory Database to contributions to the community, allowing new research and improvements to help secure the software supply chain.