Page 111 - Cyber Defense eMagazine September 2022
Market potential
GitHub claims to have over 56 million registered developers, including 72% of Fortune 50 companies. That
makes it “the largest source code” host globally. GitLab estimates its user base at more than 30 million, while
Atlassian’s Bitbucket has reached 10 million business users.
Software developers use version control systems like Git and hosting platforms like GitHub, Bitbucket,
and GitLab on a daily basis. These are the places where code is created and hosted, and where development
teams spend thousands of hours writing, supporting, and improving projects. Can you imagine how much it
would cost tech companies to lose access to such valuable data? And is it even possible?
Source code, even when hosted on such reliable platforms, can become unavailable or be lost. While those
services are considered accessible and proven, no service provider can guarantee customers 100%
availability.
Oops, something went wrong...
Downtime and outages are one of the reasons. For example, in June 2020 GitHub experienced a major
outage that lasted for hours and impacted millions of developers. In 2017, a huge outage hit
GitLab.com and made its services unavailable for hours. The company lost some production data that
it was unable to recover.
How about cyberattacks? In 2019, most tech media reported that attackers were targeting Bitbucket,
GitHub and GitLab accounts, wiping code and commits from many repositories and leaving behind only a
mysterious ransom note.
Finally, we have to mention the nightmare of every IT administrator and cybersecurity professional:
human error. Branch deletion, synchronization problems, or intentional malicious behavior: these are
just some of the developers’ mistakes (intentional or not) that can put source code in danger or wipe it
out.
Shared responsibility
Like most SaaS providers, GitHub, GitLab, and Atlassian rely on shared responsibility models. These
define which security duties are handled by the service provider and which belong to the organization. In
a nutshell: version control system providers are responsible for maintaining the infrastructure and
making sure data is available and accessible. Companies, as users, are responsible for protecting their
GitHub, GitLab, or Bitbucket data in general.
While there are many management, monitoring, code quality, and security apps available in both the
Atlassian and GitHub marketplaces, there is a big niche when it comes to backup software.