We promote learning and collaboration within the technological and scientific community

Uncover valuable insights into how GitHub secures the open-source software we all depend on, with real-world examples from the GitHub Security Lab, which uncovered 1,000+ vulnerabilities and was credited with 800+ CVEs over the past 4 years. Securing open-source software is critical because it underpins much of today’s digital infrastructure, and vulnerabilities in widely used components can create significant risks across entire software ecosystems. This session will provide the latest updates on how GitHub enhances various elements of the Secure Software Development Life Cycle (SSDLC), leveraging the driving forces of Artificial Intelligence (AI), Developer Experience (DevEx), and community collaboration to secure open source. We will explore best practices in software security, including code scanning, secrets hygiene, dependency management, automation, and enhancing security awareness through gamification. The audience will gain a deep understanding of industry-leading initiatives and lessons learned from our experience in today's rapidly changing landscape.