GitHub Security Virtual Meetup

The GitHub Security meetup is a great opportunity to connect with other security researchers and developers to discuss all things security! Offense, defense, variant analysis, vulnerability impact, and security triage workflows … we welcome it all!

The meetup features:

• Lightning Talks. A mix of live and pre-recorded lightning talks. You can interact with the speaker in the chat after or during the talk!
• Security Trivia. Have fun playing our security trivia game with the other participants and win some GitHub Swag!

Talks

• A short history of package dependency compromises and what we can learn from them by Hauke Jan Lübbers. Hauke is a Software Engineering Manager at CSIS Security Group, lying awake at night thinking about all the software packages everyone depends on

• How I ended up generating 1.596 PRs to fix an Ecosystem Wide Security Vulnerability by Jonathan Leitschuh. Jonathan is a Security Software Engineer at Gradle, best known for the July 2019 Zoom Video Conferencing 0-Day Vulnerability. He also championed an industry-wide initiative to formally decomission the support of HTTP in favor of HTTPS only support by major artifact servers in the JVM ecosystem.

• Best Way to RCE: Command Injection by Mehmet Ince. Mehmet Ince continues his duty as the Managing Partner of INVICTUS. Ince is known to be involved in the field of cybersecurity since 2004. Some of his findings are available on exploit-db as well as Ince’s blog, where he shares his ideas about current security issues and offers his contributions to the global security community.

Join us on Wednesday July 15, 2020, at 5pm CET (Central Europe) - 8am PDT (Pacific Time) on https://www.twitch.tv/github

Do you want to present a security technique, tool, vulnerability pattern or anything else you think is relevant to Open Source security at our next meetup? Please reach out to us at securitymeetup@github.com