Page 111 - Cyber Defense eMagazine September 2022

Market potential

            GitHub claims to have over 56 million registered developers, including 72% of Fortune 50 companies. That
            makes it “the largest source code” host globally. GitLab estimates its user base at more than 30 million, while
            Atlassian’s Bitbucket has reached 10 million business users.

            Software developers use version control systems like Git and hosting platforms like GitHub, Bitbucket,
            and GitLab on a daily basis. Those are the places where code is created and hosted, and where development
            teams spend thousands of hours writing, supporting, and improving projects. Can you imagine how much it
            would cost tech companies to lose access to such valuable data? And is it even possible?

            Source code, even if hosted on such a reliable platform, might become unavailable or lost. While those
            services are considered accessible and proven, no service provider can guarantee customers 100%
            availability.



            Oops, something went wrong...

            Downtime and outages are one of the reasons. For example, in June 2020 GitHub experienced a major
            outage that lasted for hours and impacted millions of developers. In 2017, a huge outage hit
            GitLab.com and made its services unavailable for hours. The company lost some production data that
            it was unable to recover.

            How about cyberattacks? In 2019, most tech media reported that attackers were targeting Bitbucket,
            GitHub, and GitLab accounts, wiping code and commits from many repositories and leaving behind only a
            mysterious ransom note.

            Finally, we have to mention the nightmare of every IT administrator and cybersecurity professional:
            human error. Branch deletion, synchronization problems, or some intentional malicious behavior are
            just some of the developers’ mistakes (intentional or not) that can put source code in danger or wipe it
            out.



            Shared responsibility

            Like most SaaS providers, GitHub, GitLab, and Atlassian rely on shared responsibility models. Those
            define which security duties are handled by the service provider and which belong to the organization. In
            a nutshell: version control system providers are responsible for maintaining the infrastructure and
            making sure data is available and accessible. Companies, as users, are responsible for protecting their
            GitHub, GitLab, or Bitbucket data in general.

            While there are many management, monitoring, code quality, and security apps available in both the
            Atlassian and GitHub marketplaces, there is a big niche when it comes to backup software.








            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.