GitHub Universe 2020 | Catching vulnerabilities early with GitHub, with William Bartholomew

Shifting left allows development teams to implement security controls earlier, thus helping your team catch issues earlier, too.

In this talk, we’ll first cover what your supply chain is, including everything you need to know about the dependencies you pull into your software—including information on their vulnerabilities—to determine your risk profile. We’ll then dive into what GitHub can do to help you address vulnerabilities in these dependencies and alert you when new vulnerabilities arise using Dependency Graph and Dependabot. Then, we’ll delve into new updates that will help you shift left starting today.

Watch the recording Get the slides