Enforcing information security policy through GitHub Enterprise
Qualcomm has thousands of users and organizations who utilize over a hundred thousand repositories. Safely and uniformly enforcing information security policies across every user, organization, and repository is not possible by hand, but with Github Enterprise’s UI and APIs, it's simple and straightforward. We combine Github Enterprise with a small standalone service to maintain security classifications of repositories, synchronize and export data, provide custom reporting, email users in bulk, manage licenses, enforce third-party compliance standards, flag problematic repositories, and enable admins to quickly and efficiently perform administrative tasks.
Our standalone service, GitHub Automation, is a Django app that uses GitHub Enterprise’s web hooks, REST API, and Search API to get, store, and take action on the information needed to maintain our IS policies across all of our repositories. In this session, you'll learn how we've increased new repository compliance to near 100%, saved countless hours by automating tasks previously done manually, identified hundreds of problematic users, and enabled access to data that is critical for countless organizations with GitHub Automation.