Contact Us

Why are Hackers Targeting GitHub?

07 Jun 2021

If you have been following cyber-security news for the past few months you have probably seen an increase of hacking incidents that were aiming Git repositories. The two questions that comes to mind is what can hackers do from GitHub? and why are they targeting Git instead of the production infrastructure?

The answer to the first question is scarier than most people think, as we all know, the source code is stored there, this gives attackers 3 attack vectors. The first is examining the code for vulnerabilities, the second is searching for secrets in code last year over 2 million secrets where found, and last but not least, over the past few years deployment automation through CI/CD pipelines has made it easier for attackers to get their code into production without having access to production, or triggering any security alert.

The answer to why are they targeting GitHub is simple. Companies are spending thousands of dollars protecting their production environments by adding: MFA, conditional access, security detections, just in time access, and more. While git access has stayed with the usual SSH Key authentication, or even worse, a password only authentication. Making it the weakest in the chain, while also having some of the highest potential for lateral movement without being detected.

To solve this problem, we have created EZGIT, the first GitHub SSH CA. EZGIT is a simple to use tool that will use your corporate identity with all the security features and detections that you have implemented and use it to request a short-term certificate to authenticate the user into GitHub. EZGIT adds the certificate into the OS’s native ssh-agent which allows the user to keep utilizing their favorite git client.

EZGIT does not only improve your organization security, it also reduces engineer onboarding time. By removing the need of users managing their own SSH Keys, you remove the process of creating and registering the key on GitHub. Instead, the user logs into EZGIT using their already known corporate SSO login workflow and EZGIT does the rest without the user knowing, as we like to call it: simply secure.

So what are you waiting for? Make your engineers work less, and your organization more secure by requesting a demo