Helping build secure software is of utmost importance to GitHub


During her keynote at the Open Source Summit Europe 2019, Erica Brescia, GitHub’s newly appointed COO, shared that the top thousand projects on the platform have contributions from over 75,000 people.

While she addressed the need to protect this ecosystem in the evolving geo-political landscape of the day, in a conversation with us after the keynote, Erica says that security is also one of the top priorities for the platform.

To underline her point, Erica refers to the keynote of Yvonne Wassenaar, the CEO of Puppet, who quoted findings from Snyk’s State of Open Source Security Report 2019 to reveal the connection between development and security.

Snyk discovered that 37% of developers don’t do any sort of security testing during the CI portion of the development. They also mention that there’s been an 88% increase in application vulnerabilities over two years and 78% of those are through indirect dependencies. 

Combine that with the Forrester report that says 58% of enterprises suffered a breach at least once in the previous year, and over 41% of those external breaches exploited some software vulnerability, and you know we have a problem.

Securing the open source supply chain

Erica says that while the numbers of contributions are impressive and a testament to the collaborative nature of open source, it’s also important to “think about how security flows through all of that. It really is a global and community problem that we need to solve around software development, but also around security.”

No wonder then that security is a major topic of discussion at GitHub. The platform already has a strong commitment to security and is continuing to take steps to help developers build secure software.

The acquisition of Semmle, Erica says, is just one of the many initiatives by the platform to help secure the open source supply chain:

“We actually are bringing a lot of really exciting things around security, the GitHub platform that we'll be talking about at GitHub Universe in November.”

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
