Hey, security folks! Want to help us secure the world's software and share your security expertise at #GitHubUniverse ? Apply to be a speaker!

🤖🔐 Can We Trust AI-Generated Code? 🔐🤖

We're diving into AI's role in development with Joseph Katsioloudes from GitHub Security Lab! 🚀

🤖 Is AI-generated code safe for production?
🔍 Importance of thorough code reviews.
✅ Best security practices.

#AISecurity #GitHubCopilot

WHAT A BLAST SINFO 💥🤖🔐

Thoroughly enjoyed chatting with Scott Hanselman 🌮 on Scott Hanselman’s Tech Podcast podcast! We chat about OSS, my time at NSA, GitHub Advanced Security, DevOps, MFA, GitHub Copilot, and best practices to secure software for developers!

hanselminutes.com/940/github-adv…

At GitHub, we use GitHub Codespaces as our development environment (naturally). They are supposed to be pretty ephemeral, you can stand a new 32-core dev box up in seconds. The only problem is when you get one with a cool name you def don't want to let it go.

Why does GitHub Security Lab do research like Man Yue Mo’s recent work on bypassing MTE on the Pixel 8? This question was asked on Hacker News and we think it’s worth a short thread.
news.ycombinator.com/item?id=397522…

This Google Pixel 8 MTE bypass by my colleague Man Yue Mo is really amazing, but Mo hates to brag so I need to tell you a little story about it!

In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. github.blog/2024-03-18-gai…

From Code Suggestions to Security twitter.com/i/broadcasts/1…

📣 To all developers! Tomorrow, join Joseph Katsioloudes and industry experts from Microsoft and @GitHub for presentations focused on developer productivity. Our session will delve into how developers can use AI to distill the world's security knowledge!

This Tuesday, join me virtually at Microsoft Reactor!👇

Back to Imperial College London for a guest lecture to MSc and 3rd Year Computing students of the 'Network and Web Security' course! Always a pleasure and I extend a special thanks to the course leader for inviting me for the 3rd time since my graduation in 2018.

I'm conducting a 2-hour workshop tomorrow where I'll be using React, Python3, Flask and GitHub Copilot to build an api/UI that consumes an ML model! 🚀

I'm soooo excited to show how to actually implement gh-copilot in everyday coding.

You can join too Baddies in Tech 💃🏼

🚀 Thanks to Joseph Katsioloudes & @xcorail, we're gifting a ticket to Shift in Miami!

Interested? Comment here: gh.io/miami by next Friday.
🗓️ Winner announced live after our Open Source Friday talk with Kojo @ Home.

Grab the chance—see you in Miami? ✈️ #InfoBipShift

Learn to find and fix security issues while having fun with Secure Code Game, now with new challenges focusing on JavaScript, Python, Go, and GitHub Actions! 🎮🔐
github.blog/2024-02-15-bui…

Presented the Secure Code Game gh.io/securecodegame at #StateOfOpenCon24 , highlighting how enterprises, academia, and developers all over the world have used it to date, for which I will post more in the coming weeks.

Open Source is continuing to take over the world, almost reaching 100% on Google Trends, have you joined us yet??

John Sandall Joseph Katsioloudes GitHub Security Lab OpenUK Great talk and idea behind the secure code game! Wondering if there are any plans for migrating it to other languages, like javascript? 🤔

Joseph Katsioloudes from GitHub Security Lab is talking OpenUK about the GitHub Secure Code Game

1️⃣ In-repo self-driving learning experience
2️⃣ Leverages GitHub Code Spaces & Actions
3️⃣ Real impact leading to 96% drop in security issues when adopted by dev teams