Security operations teams are often busy dealing with malware, phishing, and DDoS attacks. However, there is a place in the IT field that despite the risk of data leakage, loss of reputation, and loss of competitive advantage, many security operations teams have not given sufficient supervision. GitHub is a super popular source code management platform. Companies and individuals are using GitHub to store and manage source code to keep software development projects running smoothly. With its practical features and user-friendly interface, GitHub has climbed the world's largest code repository and now hosts more than 80 million source code repositories. GitHub is also used in some important software projects on Facebook, Google and Microsoft. GitHub is undoubtedly a success story. Why do security operations teams need to pay more attention? This is because GitHub is so popular, and the company's R&D team is very likely to put some projects on GitHub. But the facts of the past few years have proven that some of the developer's careless GitHub usage habits pose serious security risks. Even if developers follow best practices and use a source code analysis tool such as ForTIfy to check for security vulnerabilities in the submitted source, these risks remain. Inadvertent safety operations are inherently dangerous. And when hackers stare at this loosely managed system, the risk is even greater. there are many reasons: Source code The software stored on GitHub is a valuable intellectual property. Copying these codes has the potential to allow other companies and even nation-states to quickly develop derivative applications, save years or even decades of development time, or take advantage of other people's trade secrets without paying royalties. Hackers can also steal source code and resell it to the dark network. 2. Attack method The source code may provide a way for hackers to attack software in a production environment. Stealing source code gives them time to research and find vulnerabilities much easier than through infiltration. They can even run code and try to attack in a production environment, constantly refining attacks, increasing attack speed, concealment, and effectiveness. 3. Login credentials The code and supporting files submitted to GitHub sometimes contain credentials for logging in to other services, such as logging into AWS. The hacker gains access to the code and gains access to related services, with the opportunity to steal more data and interrupt operations. 4. Unauthorized access Developers usually have access to the company code base with a personal email account. These accounts are vulnerabilities, especially after the developer leaves the company. In addition, the permissions of the developers are often the company's code base, not just the project they are responsible for, which leaves a huge attack interface. 5. Insider threats The lack of proactive monitoring can make it easy for malicious insiders to hide anomalous behavior. A developer accessing dozens of code bases is a sign of insider threats, and such behavior should be detected and flagged. When the source library that Uber hosted on GitHub was infiltrated in 2016, part of the hacker's harvest was the login credentials. The attacker not only got advanced intellectual property rights, but also hacked AWS credentials containing 7 million Uber drivers and 50 million customer personal information. These personal data include information such as name, address, driver's license, and so on. Fortunately, the security operations team can take some practical steps to tighten the security of the company's GitHub repository. such as: 1. Clean up the login credentials Remind developers to keep an eye on their GitHub login credentials. Access to the project is only open to developers participating in the project. When the developer leaves the project, the voucher should be revoked. 2. Check the codebase settings repeatedly The software behind GitHub, the software version control program Git, was originally used to manage Linux kernel development. Whether it's Git or GitHub, it's widely used in open source projects. Some developers, especially those of open source projects, basically treat all GitHub codebases as public, regardless of whether the project is really open source. It's a good idea to double-check the company's GitHub configuration to make sure that project access is beyond the required range. 3. Do not mix secrets in the public code Remind developers not to mix login credentials and other highly sensitive information into code, GitHub project introduction pages, or other GitHub content that outsiders can access. Since the Uber data breach, GitHub has urged developers to be cautious about this, but regular reminders from the security operations team are never redundant. 4. Monitor suspicious behavior on GitHub What behaviors are suspicious? The proliferation of code submissions, the authorization of someone to download a large amount of source code, the login of an inappropriate location, the login or request of an external user of the company, and so on. 5. Collect GitHub logs The best way to continuously monitor GitHub is to collect logs of GitHub data from the company's code base. It is not too late to collect from now. 6. Make a baseline security assessment of GitHub behavior Tools can be used to analyze the behavior reported in GitHub logs, define baselines for normal behavior, and make future anomalous behavior detection easier. 7. Automated GitHub log monitoring You will want to continuously monitor GitHub behavior to ensure your company's source code is secure and that outsiders are not penetrating your code base. Write a script to automate this work, or find a solution that is pre-configured with automation. Software code is one of the company's most valuable assets. Incorporating GitHub into the company's security operations team for regular threat hunt work not only protects the valuable assets, but also preserves the company's reputation and competitive advantage. IDC Series Centronic Connector
IDC Series Centronic Connector
Current Rating:5A IDC Series Centronic Connector ShenZhen Antenk Electronics Co,Ltd , http://www.coincellholder.com
Dielectric Withstanding Voltage:1000V for one minute
Insulation Resistance:1000MΩ Min.(at 500V DC)
Contact Resistance:35mΩ Max.
Temperature:-55°C to +105°C
April 23, 2023