GitReview - All Git Commits are Reviewed

Presented at BSidesSF 2015, April 20, 2015, 2 p.m. (60 minutes)

We needed to audit our github repository while maintaining developer flexibility to push whenever and whatever changes to get the job done. We wanted to check against three things - security critical code changes, peer review, and approval. We created gitreview as a lightweight overlay on to of github and discovered a new paradigm for managing all changes in our environment.

Presenters:

• Jon Debonis - VP Information Security - Blend Labs
  I'm Jon Debonis. I've been taking apart computers and electronics then putting back together for 21 years. I'm a Google alumni, helped to bring Kaiser Permanente to PCI compliance, and worked with many others to meet security goals. I currently work with startups to establish secure architecture in development, infrastructure, and to establish information security management programs and compliance. Most of my free time goes to raising my 4 kids, all of whom are under 4-years old.

Links:

• https://bsidessf2015.sched.com/event/2t2c/gitreview-all-git-commits-are-reviewed

Similar Presentations:

• The Eleventh HOPE (2016) / The Code Archive