
CERT partners with GitHub Security Lab for automated remediation

May 23, 2020


As security researchers, the GitHub Security Lab team constantly embarks on an emotional journey with each new vulnerability challenge. The excitement of starting new research, the disappointment that comes with hitting a plateau, the energy it takes to stay focused and on target…and hopefully, the sheer joy of achieving a tangible result after weeks or months of working on a problem that seemed unsolvable.

Regardless of how proud you are of the results, do you ever get a nagging feeling that maybe you didn’t make enough of an impact? While single bug fixes are worthwhile in improving code, they are not sufficient to improve the state of security of the open source software (OSS) ecosystem as a whole. This holds true especially when you consider that software is always growing and changing—and as vulnerabilities are fixed, new ones are introduced.

Beyond single bug fixes

At GitHub, we host millions of OSS projects, which puts us in a unique position to take a different approach to OSS security. We have the power and responsibility to make an impact beyond single bug fixes. This is why a big part of the GitHub Security Lab mission is to find ways to scale our vulnerability hunting efforts and empower others to do the same.

Our goal is to turn single vulnerabilities into hundreds, if not thousands, of bug fixes at a time. Enabled by the GitHub engineering teams, we aim to establish workflows that are open to the community and that tackle vulnerabilities at scale on the GitHub platform.

Ultimately, we want to establish feedback loops with the developer and security communities, and act as security facilitators, all while working with the OSS community to secure the software we all depend upon.


We’re taking a deep dive into the remediation of a security vulnerability with CERT. Learn more about how we found ways to scale our vulnerability hunting efforts and empower others to do the same.

Continue reading on the Security Lab blog


