GitHub Start Up Wednesday with Jack Naglieri
26 Sep 2024
GitHub Universe
- GitHub Universe is a developer conference that brings together people who use the GitHub platform. (49s)
- GitHub for Startups provides new businesses with free access to GitHub Enterprise for a year, a 50% discount for the second year, and tailored product guidance. (4m12s)
Jack Naglieri's Background and Panther
- Jack, the founder and CTO of Panther, has over a decade of experience in cybersecurity, having worked at Yahoo and Airbnb before starting Panther, a security company that focuses on detection and scalable alerts. (7m5s)
- Jack Naglieri's career in cybersecurity began 12 years prior to the video's creation, starting as a security analyst at Yahoo. (8m31s)
- Naglieri found that most off-the-shelf security solutions were insufficient for large companies and that companies either had to build their own solutions using big data infrastructure or operate at a smaller scale with less effective solutions. (8m47s)
Panther's Features and Capabilities
- Panther uses detection as code, which increases reliability through unit testing and builds trust in the monitoring system. (12m21s)
- Panther is a security framework that allows teams to create customized detection rules using code. (14m27s)
- Panther uses a data lake to store and analyze security data, which enables efficient threat hunting and data ingestion. (17m16s)
- Panther automates data ingestion and analysis, reducing the need for manual analysis by security teams. (18m52s)
- Panther is a security platform that ingests data via push and pull mechanisms, normalizes it, runs real-time streaming rules, and sends alerts. (20m25s)
- GitHub audit logs are crucial for security teams to monitor events like authentication changes, access modifications, and code pushes. (21m32s)
- PyPanther, a Python-based library, provides a structured framework for managing and deploying security detection rules at scale. (24m7s)
- Rules in Panther are declared in Python classes and use attributes and methods to define their behavior. An example rule monitors AWS ALB logs for a high volume of 400 errors on specific ports, which could indicate an attack. (25m12s)
- A demonstration is presented that involves creating a rule to detect potentially compromised GitHub accounts by monitoring for multiple sensitive actions, such as making a repository public, downloading a zip file, or deleting the repository. (26m2s)
- Panther rules can be tested to ensure they are functioning as expected. (33m39s)
- PyPanther can be used to upload and send alerts when a specific event happens. (37m2s)
- PyPanther has a feature that allows users to define additional logic in a destinations function to route data. (39m37s)
- PyPanther has a feature called alert context, which allows users to highlight enrichments and logs that analysts should see first. (41m24s)
- Panther has auto-tuning capabilities that can help reduce false positives by differentiating between human and bot activity on GitHub. (42m28s)
- Panther has a redesigned search interface and a search language called PantherFlow that allows users to generate graphs and visuals to gain insights from data. (44m5s)
- Panther's starter kit provides a starting point for users to define rules, overrides, and global filters, and includes a command-line tool called pypanther for testing. (45m25s)
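
The demo rule summarized above (several sensitive GitHub actions by one account), sketched as an added example in plain Python; it is not Panther's code and does not use Panther's rule API. The `action` values are real GitHub audit log actions; the sample events, the one-hour window, the threshold of two distinct actions and the `[bot]` suffix filter are assumptions.

```python
from collections import defaultdict

# Real GitHub audit log action names; treating these three as the sensitive set follows the demo.
SENSITIVE = {"repo.access", "repo.download_zip", "repo.destroy"}
WINDOW_MS = 60 * 60 * 1000  # assumed one-hour correlation window
THRESHOLD = 2               # assumed: distinct sensitive actions needed to alert

def is_sensitive(event):
    """Per-event filter: a sensitive action performed by a non-bot actor."""
    if event.get("actor", "").endswith("[bot]"):  # assumed way to separate bots from humans
        return False
    if event.get("action") == "repo.access":
        return event.get("visibility") == "public"  # only a change to public counts
    return event.get("action") in SENSITIVE

def detect(events):
    """One alert per actor with >= THRESHOLD distinct sensitive actions inside the window."""
    by_actor = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["created_at"]):
        if is_sensitive(ev):
            by_actor[ev["actor"]].append(ev)
    alerts = []
    for actor, evs in by_actor.items():
        for i, first in enumerate(evs):
            window = [e for e in evs[i:] if e["created_at"] - first["created_at"] <= WINDOW_MS]
            actions = sorted({e["action"] for e in window})
            if len(actions) >= THRESHOLD:
                # Alert context: the fields an analyst should see first.
                alerts.append({"actor": actor, "actions": actions,
                               "repos": sorted({e["repo"] for e in window})})
                break
    return alerts

T0 = 1727350000000  # constructed epoch-millisecond timestamp
MIN = 60_000
SAMPLE = [  # constructed audit log events, not real data
    {"actor": "mallory-dev", "action": "repo.download_zip", "repo": "acme/api", "created_at": T0},
    {"actor": "mallory-dev", "action": "repo.access", "visibility": "public", "repo": "acme/api", "created_at": T0 + 10 * MIN},
    {"actor": "mallory-dev", "action": "repo.destroy", "repo": "acme/api", "created_at": T0 + 20 * MIN},
    {"actor": "alice", "action": "repo.download_zip", "repo": "acme/web", "created_at": T0 + 5 * MIN},
    {"actor": "deploy[bot]", "action": "repo.access", "visibility": "public", "repo": "acme/docs", "created_at": T0},
    {"actor": "deploy[bot]", "action": "repo.destroy", "repo": "acme/tmp", "created_at": T0 + MIN},
    {"actor": "bob", "action": "repo.download_zip", "repo": "acme/web", "created_at": T0},
    {"actor": "bob", "action": "repo.destroy", "repo": "acme/old", "created_at": T0 + 180 * MIN},
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Only `mallory-dev` alerts: `alice` performs a single action, the bot is filtered out, and `bob`'s two actions fall three hours apart.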
Using LLMs for Security Research
- The speaker recommends using tools like Perplexity and ChatGPT for security research, such as researching industry trends and understanding audit logs. ChatGPT can be helpful in understanding the structure and events of audit logs, such as those provided by GitHub. (27m0s)
- Large Language Models (LLMs) learn well from examples, so providing examples of desired outputs can be helpful when using LLMs for tasks like code generation. (31m7s)
Jack Naglieri's Leadership and Advice
- Jack Naglieri, the CTO, transitioned from CEO to focus on projects like PyPanther and customer enablement. (50m41s)
- He emphasizes the importance of intention and reflection, aligning daily actions with personal and professional growth. (51m14s)
- Naglieri believes in balancing work with personal well-being, fostering strong relationships, and building a supportive team for long-term success. (52m10s)
- Being intentional about where energy is directed is important for success as a founder and for business growth. (53m19s)
- Jack recommends monitoring GitHub logs. (54m22s)
Call to Action and Conclusion
- Andrea Griffith encourages viewers to apply to GitHub for Startups to access resources and become part of a community. (56m49s)
- Jack Naglieri thanks everyone for joining the stream and tells them he will see them next week or in two weeks. (58m6s)
- He reminds viewers to subscribe to the YouTube channel to be notified of new content. (58m9s)
- Naglieri says that the event in Argentina the following day is free to attend. (58m20s)