Da alama gudanarwar GitHub yana tunani sosai game da tsaro na software. Da farko akwai rumbun adana bayanai a Svalbard kuma tallafin kudi ga masu haɓakawa. Yanzu kuma yunƙurin GitHub Tsaro Lab, wanda ya ƙunshi haɗar duk ƙwararrun masu sha'awar inganta tsaro na buɗaɗɗen software.
F5, Google, HackerOne, Intel, IOActive, JP Morgan, LinkedIn, Microsoft, Mozilla, NCC Group, Oracle, Trail of Bits, Uber da VMWare sun riga sun shiga cikin shirin. A cikin shekaru biyu da suka gabata, sun taimaka gano tare da kawar da lahani 105 a cikin ayyuka da yawa.
An yi wa sauran mahalarta alƙawarin bayar da tukuicin dala 3000 ga waɗanda aka gano masu rauni. Ƙididdigar GitHub ta riga tana da ikon samun mai gano CVE don wani batu da ƙirƙirar rahoto game da shi. An ƙaddamar da kasida na raunin rauni , dauke da bayanai game da matsaloli tare da aikace-aikacen da aka shirya akan GitHub, fakiti masu rauni, da sauransu.
Bugu da ƙari, an riga an ƙara ƙarin kariya ga tsarin, wanda ke tabbatar da cewa bayanan sirri da na sirri, irin su alamomi, maɓalli, da makamantansu, ba su ƙare a wuraren ajiyar jama'a ba. Wai, tsarin ta atomatik yana bincika tsarin maɓalli daga ayyuka 20 da tsarin girgije. Idan an gano matsala, ana aika buƙatu zuwa ga mai ba da sabis don tabbatar da matsalar da soke maɓallan da aka lalata.
Lura cewa GitHub a baya Microsoft ya saya. Da alama Redmond ya yanke shawarar ɗaukar tsaron bayanai da mahimmanci.
source: 3dnews.ru