all right hello everyone we are now live you should all be able to hear us uh now if not let us know in the chat uh if we're coming through loud and clear but I am super excited to be here and I'm super excited um to have with me Greg Beck um he has a much longer name but if you're a logistically challenged like me then uh you're gonna I'm gonna stick with Greg but welcome Greg uh thank you yeah hey hello nice to be with you here so um I'm just trying to get YouTube streaming happening but that's not uh working for the moment but see if we can get that happening later but never mind we're here on crowdcast that's where the party is happening so uh welcome uh so today we're going to be talking about uh ransomware so some devop backups versus ransomware best security uh and compliant practices so Greg what what are we going to be talking about in the webinar today oh during today's webinar of course we are going to to discuss uh about the ransomware what ransomware is some some alarming statistics about to run somewhere but also I'm going to share with you good practices how to protect your repositories against or maybe after around super attack but I hope you are safe enough to to prep and transfer attack but as we used to say you can never be sure that ransomware won't hit your repositories your data so better be safe than sorry and that's why we meet today I think all right all right so I'm looking forward to it so first of all while we're waiting for everyone to join a couple of couple of mentions surprises we do have prizes here today how do you win prizes you win prizes by basically participating by being really noisy and obnoxious no not really but we have polls in there uh we have a section to ask a question and we also have a chat um so uh feel free to say hello to anyone in the chat we have uh people from uh get Guardian monitoring this so if you have any questions about that let them know in the chat there's also a section to ask questions the chat can get quite noisy so if you have a specific question you can ask us at any time and we'll get to that at the end um so you there's a section there where you can ask a question and you can upload other people's questions and finally we have some polls that we'll go through that you can participate in so uh good luck to everyone and and hopefully we'll be able to get some some nice participation uh just uh to my favorite part because I'm always curious where we are so I'm tuning in from Paris uh today Greg where are you tuning in from oh today I'm I'm in in Poland in Godzilla copulski so it's a city around 150 kilometers from from Berlin which is German Capital uh yeah and I'm on the on there let's say West part of western part of Poland so let us know where you're coming from in the chat um I'm always curious to see that there Iceland whoa Stockholm Sweden I think it's the first from Iceland welcome welcome that's cool Brazil Paris another one from Paris be ever new Portugal I mean Portugal later on this month it's gonna be my first time Spain Uruguay Uruguay Florida I was in Florida uh just before the hurricane I managed to sneak out of I was at a conference I managed to sneak out just before the hurricane so I hope you're doing well in in Florida uh thoughts with you guys all there Belarus Malaysia India ah some really cool places I always love just to see where everyone's coming from it always amazes me I'm from New Zealand no one's ever said New Zealand yet it's five o'clock in the morning there but one day I'm hopeful that someone's gonna want to know about ransomware so much that they're going to come on at five o'clock in the morning so all that we have today uh you'll notice it in there we're going to reveal the results of these at the end but have you or your company or organization ever been a victim to ransomware attack so if you were personally implemented by that um whether or not your organization was or whoever you have just not been uh not been affected at all haven't been affected yet and uh as far as I know no companies have that I've worked with but it is always curious because the targets are Ever Changing as I'm sure Greg will say yeah um now we have one other way that you can win uh an Amazon gift card with Git guardian and that is our secrets management fails so these are stories that we compile about some funny things that have happened around sequence management I'm going to share one with you today this one um uh this one's it's one of my favorite it's hilarious uh slightly it's borderline appropriate for walk but we're gonna we're gonna go through it uh here today so I'm gonna read this this was an anonymous one this is an option Anonymous for reasons you'll understand soon uh but this is one of my favorite my one of my favorite stories so back when I was an intern at another company my second day on the job in infosec there was a news report that the Navy was hacked by manager wanting to see my research skills wanted me to investigate how it happened long story short the Navy was hacked by a smart sex toy and the first week on the job as an intern I had to present to a panel of my peers mentors managers and Senior Executives the importance of iot security devices like smart sex toys from China because default passwords allow them to be hacked and then to steal Dart secret data from the Navy um so yeah today I'm still embarrassed by this story but they liked my report we find Secrets everywhere default passwords we also find hard code secrets in iot devices so this is a a pretty funny story that we've had if you have a funny story about Secrets management then let us know you can email us you can reach out to me on Twitter at Advocate Mac and you can win some prizes from sharing great stories like this I wouldn't recommend trying to Google uh I was trying to find additional research on this side as I this is probably not something you should be using it at work but uh anyway moving along from that a couple more polls before I'm going to hand it over to Greg and let him get into it so uh some other questions that we have is ransoms here something that is a concern for you uh or your company it's a high priority medium priority low priority or you're not worried at all about ransomware you live in the good life and the final one that we have in a poll is asking you do you back up your source code so do you do automated backups manual regular backups occasional backups or no backups of your source code in a structured way uh so that's it I'm going to quickly turn off machines my screen and I'm going to invite you to share your screen Jimmy just a minute there Greg yeah sure all right you should be able to share your screen now yeah and I think I can and I hope right now you can see my screen quite well or not can you yep yeah at least I can yeah perfectly so so I think it's our time to start talking about about our about our backup and of course about ransomware how to deal with ransomware about some alarming statistic and statistics and so on so before I start I would like to give you just just quick overview to our company who we are and what experience we have to talk about backup so in general the pro software who is producer of jute product our backup platform is the leading backup and Disaster Recovery provider around the world our services are available in more than 15 countries and we've got around 13 years of 30 years of experience uh in data backup and presence on the market nowadays we are protecting hundreds thousands of of the customers and if you if you're thinking what customers what big brands are behind our company here you can you can see a few of brands that are using Create protect to protect their cheat repositories so there are some some companies from public sector like for example NHS which is National Health Service in Great Britain or for example red which is which is I think one of the greatest camera producer they are making cameras especially for Hollywood and that's all about the company I don't want to make you birds so let's talk about ransomware about its most alarming statistics but I think first of all we have to start and answer the question what is ransomware I think most of you know what ransomware is but of course it's runs it's it's its malware with some signifying signs like it's blocking access to your data by its encryption or erasing so in general when ransomware will hits your data your computers or any external Services it's my task is to block access to your systems to your data or to end anything has what gets infected usually by by encryption or by just data erasement and of course as its name points run somewhere demands you to pay to ransom for getting back access to your data and last years we we observed that ransomware is not only blocking the access but also it's telling your data and then it's Expo and then your data gets exposed if you didn't pay to Ransom so it's another way to force you to pay to run some after your data gets encrypted so it's not so good malware as you can see it hits to it hits many companies many different personal users and you should be aware if you don't want to get your data encrypted ransomware isn't something new on the market it's longer on this world even than I so the ransomware is 33 years in the market the first version of ransomware has been released in 1989 it was named eight and it was developed on five and on a five inch floppy disks and its main task was to encrypt files on the computers and after that it changed the names and locations of those files then after it yeah I wanted to know how does how did how did this uh spread you said it was on a floppy disk you know like yeah this is this is different to the malware that we're dealing with yeah the data difference you know almost by itself you know 1989 so so there were no internet at all I think and it was spread just using standard males males so it was it was sent from as far as remember Great Britain and it was sent across them the attendees of some half conference and that was focused especially on AIDS so so so that was the way of targeting they're getting the victims the the attackers just get the list of attendees of the conference and but by normal post mailing they send they send those information moreover information about The Ransom that has to be paid was just printed out from the printers it was not displayed on the screens but after around 90 19 restarts of your computers you were you were asked to to turn on the printer or to connect the printer and after that the information was just printed out so so crazy behavior crazy way to to develop run somewhere but it's like a it's like a hotkey like a USB hotkey that we have today but in a floppy disk yeah yeah exactly exactly so so so that's the way that the first ever known ransomware was working but of course nowadays we've got a lot of different a lot of different different kinds of ransomware it's not sent to you on a floppy disks but you can get infected in many many different ways and it causes a lot of damages average Ransom demanded in in the third quarter of last year was around 140 thousands of USD dollars so it's quite a lot I think if your data gets encrypted and you have to catch them back for such a price but usually you don't have other way to get them back if you don't have backup in place but moreover what's what's more alarming about the statistic around 32 percent of victims paid Ransom but restore only around 65 percent of their data so even if you will decide to pay to rent them you don't have guarantee that you won't get your data that you will get your data back moreover as we said before ransomware also steals your data expose them if you want paid to Ransom so you cannot be sure that such thing would happen again to you that attackers won't ask you for another Ransom uh because instead of they will publish your data again so that's why you have to be safe and secure against the ransomware but that's not just it's just it's not just encrypting there's always a threat of them publicly exposing it we saw that like this year with lapses their threat was basically to expose public the source code of these companies and you know it wasn't necessarily that was encrypted there's multiple threats when it comes from ransomware yeah you know it's from from the attacker perspective I think it's a great way to force you to pay to Ransom so give me the money otherwise I will show you to everyone well what's what you've got in your files I will show you all your data all sensitive confidential information and I'm quite sure that there is no company who wants to to expose you those data to public no I mean especially not with the amount of sensitive information that we find in such data yeah yeah so another one alarming statistic is about number of cases so in the first half of this year there were there were 236 million of ransomware cases discovered in previous year there was around 623 Millions but it was above average growth but still we can say that ransomware is growing up year by year because two years before there were more than 300 millions of ransomware cases so year by year number of ransomware cases is growing up and I'm quite sure it will be growing up so what causes the to ransomware what are the vector attacks I'm afraid and and I'm scared that the most common run somewhere way up the most common way of ransomware infection is phishing email it causes two-thirds of ransomware infections what means that we are opening some malicious emails some some attachments that we shouldn't open and of course it means that I.T staff I.T Personnel is not well trained and there are not enough security measures in place to prevent such situations like phishing email other quite common Vector attacks are not patched and updated systems and softwares and also credentials exposure and here is the time to talk about the first noun and while described ransomware attack which targets all commonly all commonly used and I think all services that provides you create repository hosting and we are talking of course about GitHub cheat lab and bitbucket users this runs a more wiping code comments and anything else from multiple repositories and leave only run somewhere nodes to pay around I don't remember exactly but it was something around 100 not 100 I'm sorry it was around less than one Bitcoin for for accessing your data so so in general ever in general affected companies affected affected organizations lost access to to their source code to their repositories to to any metadata and anything as what they are storing onset services like GitHub cheat lab are bitbucket and it was caused by credentials exposure GitHub cheat lab and bitbucket find out that uh there was there was credential leak from some external systems not connected with them of course but also in in some in some encrypted or erased repositories they were also they were also some some credentials start so that's why it was quite easy for the attackers to access to those repositories and erase all data by overwriting I I think by overwriting the head Branch you can find a lot of your information about about this access about this attack because after attack GitHub cheat lab and bitbucket describe it pretty well and they also publish some some more information about how it happened and what they did together and of course as far as I understand kit Guardian can help you to prevent such situations like credentials exposure am I right I didn't I didn't even have to do the plug you did the plug for me that's fantastic well what I was going to say too is this is that uh um you know we gigerian discovered uh we we scan every public uh commit that goes onto github.com is maybe how you found out about it Guardian but last year we found 60 000 credentials for uh well on GitHub we found 60 000 GitHub tokens so we found 60 000 access tokens to private repositories in public git repositories so people are accidentally committing their you know access credentials to their to the GitHub accounts what's really concerning about this is that GitHub uh shares often shares accounts you offer often have one account for GitHub and you use it for both personal and professional maybe you know so by leaking your even if it's just your personal GitHub oauth token you know you could give access to your private repositories so in the case you know credentials exposed here was how the attackers were wiping this well I mean I could imagine a scenario where you could easily set up a bot that looks for GitHub tokens on public GitHub repositories goes in there wipes everything demands around you know demands of Ransom sixty thousand GitHub tokens I'm just talking about GitHub tokens uh we found last year so I mean yeah for sure we can do this and yeah as you said kick Guardian yeah we can help last plug you know I I I I'm afraid of the number of tokens you you just find out in only in GitHub so I don't want even to think about cheat lab or bitbucket or any other on any other Jet Services because because I think those numbers only can increase so it shows that you have to to be sure and aware of any credential exposure and everyone can can make a mistake so that's why you need also Solutions like keep clarity uh yeah so the ransomware of course is not the only reason why you should back up your data so just quickly let's take a look at other reasons we often hear that someone have free posts on every developers computers that have never lost any data or making maybe copies by using the script so we are talking about usually manual backups but it's not true and with those sentences you cannot stay safe why because cheat copy consists of repositories but also metadata so quite often when we are talking with our potential customers with our users and they they find out that even more valuable for them are metadata like pull requests like some comments like some issues or maybe Wiki starts directly in the repository than just only the source code also not all repositories are stored on developers computers so if you think that you're safe because you've got your repositories locally or maybe they are on other developers computers and it's not true and you're not safe because usually only only those active repositories are stored on developers computers moreover if moreover it's possible scenario that runs somewhere it will infect their computers and after that also We'll erase your remote repositories and of course the data that you're working on shouldn't be treated as backup because it's your working copy which you are using on your daily basis and if we are talking about the scripts they are usually unreliable they require manual maintenance a very often such backups are not tested at all so even if you have backup done by the script you are not sure if you will be able to restore your data and what else about the scripts of course quite often they don't contain those metadata we've just talked about they they contain only usually Pure Source Code and moreover statistics says that manual backups are usually older than half a year so so after half a year your data are usually useless for you because as we know the world is running pretty fast and there are a lot of changes among your source code and repositories within such half higher there is also shared responsibility model known also as limited liability and it's of course provided by GitHub cheat lab and atlasian they recommend having additional third-party backup software for data protection because they are responsible for service accessibility uptime security but you as the end user are responsible for data protection and any legal compliance and if we are talking about compliances this is another reason why you should have backup in place because a lot of different certifications and compliances requires to backup your the most important and sensitive data so so this is another legal reason why you should backup your data and now it's time to take a look at backup best practices how to protect your data well of course how to protect your git data well first of all your backup should be done frequently and automatically because as we said before manual backups are usually older than half higher so that's good to make automatic protection of all repositories no matter if if they are already active or not because you never know when you will need to access to your repositories there are a lot of organizations a lot of companies that quite dynamically or even very dynamically are creating the repositories so it's good if you are able to automatically take all of them for backup and don't worry about any newly added for example it's also good to make backups into incremental and differential manner because in that way you don't need to send too many data at once and and you are just fetching from from your git repository only the change part of the data and of course in terms of source code it's not a big deal to make every time full copy of your data because usually source code is not so big and it doesn't take so much space and size of in terms of data but if we'll take a look at those metadata just mentioned you need to know that each provider like GitHub G flap or or atlasian provider of bitbucket and they are providing some API rate limits and if you will try every time to fetch the entire uh the entire metadata content you are sending a lot of requests that are not needed because those data are already in backup so thanks to it your backup is way faster why why is it why is it important to backup metadata you know as well as opposed to just just the source code or am I am I or am I jumping ahead uh you know you know I I just said before that a lot of companies find out they comments issues or pull requests or for example lfs which is also not a direct part of your repository they find out those data sometimes even more important than just Pure Source Code moreover you've got your source code on on your local computers usually you've got some local repos with source code but not with metadata because those metadata are stored only in those external services like GitHub G flap or bitbucket so if you will protect them you will be also able easily to to restore them to restore your entire Service setup like for example users permissions and of course comments pull requests issues and so on uh so so that's why I think it's it's quite important for for our users to protect also metadata not only the source code because as we said source code is stored on the on the developers computers of course it's not a backup but there is some way of protection for that data yeah so that's why I find out important to to protect the metadata uh but also it's quite important to have full control over the scheduler uh I think that you should be quite familiar with those API rate limits if we are using for example some CI CD tasks and if you will get run out of those limits your CI CT tasks your pipelines are not able to to run because of the limits and if at the same time the backup will be done which is using the same API because each of those vendors have single API and there is no different API for example for pipelines and other accesses then if backup will be done at the same time as your pipelines for example are running it will faster run out your requests limit and it's also good to have maybe not unlimited number yeah unlimited number of backup policies or enough number of backup policies to divide your backup for example to to the most important and less important repositories to to current and archive repositories to give you the full control over how often when the backup is done and of course we cannot forget about the data retention which says how long your data stays in the backup with you and it's also good to have flexible data retention when you can set it up to your needs to you to your requirements to compliance rules and anything else what you need in about repos wines covering call data we've just said chat not all data are usually protected even if you're making your backups over the scripts usually you're protecting only your source code only only repository without those additional metadata like comments like pipeline pipeline configuration like permissions accesses and so on I don't know if you ever heard about three to one rule in terms of backup which says that you should keep your copy in free in three in you should have free copy of your data in two different locations and at least one offside so that's why also you should be able to keep your backups in multiple locations and if you are looking for any backup solution even if you're going to deploy any script on your own you should be aware to of supporting some additional backup storages not only for example the local one but also it's good to have support for some cloud services especially for some public cloud services of course we don't want to make the backup twice for example firstly to your local storage and then from The Source directly to the cloud because it's unefficient because of API rate limits so that's why it's also nice to have efficient and relabel replication which sends data directly from one data store to another one without accessing your cheat service of course everything must be as secure as possible to backup itself is some security measure but of course it's also good to have the backup encrypted otherwise some third party May access your data from backup and it's another way your data can leak leaks so that's why it's very important to keep in mind that your backup should be encrypted the best in flight and address what means the data are encrypted is encrypted as fast as possible on on the agent or maybe on the script side and also it should be stored in the encrypted for usually yeah sorry I was just going to say this is such a good point because I just wanted to before I forget to mention this people often say to us uh you know we talk about this concept of Secrets for all your secret scrolling and one of the areas that I say your secrets often scroll to is in backup service and these are often targeted by attackers because they have you know complete backups of them so it's super important that it's encrypted so I'm really glad that you brought that up because it's a it's a common kind of uh talking point that we have to go through about backups because there's so much sensitive information and secrets in source code and repositories even if it shouldn't be there it is there um yeah when you're backing up in multiple places and all that you're adding to secrets for all unless that data is encrypted so a really good point I just wanted to inject yeah before I forgot yeah yeah but but you know it was it was good interaction to this presentation to to say about it loudly because because yeah if even if anyone will access to your data that are encrypted he won't be able to to read anything what's upside of your repository for example so you can be safe and if you are talking about about secrets of course any backup solution must have some secrets with which allows to access to your to your organization to your repository so you must be sure it's managing your secrets in the most secure way is it possible and also it's good to have immutable backup storage because as we said we never know when and in what way ransomware Heats so so with immutable backup storage you can be sure that even if the ransomware where we'll access somehow to your backup environment your data will be still there on the storage not encrypted by the ransomware usually it's realized by warm policy which is right once read many and it allows only to particular application to write the data or maybe to modify them but any other application and even the application which writes the data is not allowed to remove the data unless retention policy for example is met there are different ways of of worm implementation so everything depends on the storage you are using we are lazy everyone is lazy so that's why management of backup should be effortless you shouldn't spend too much time on setting up some backup policies or for example on monitoring of your of your environment everyone wants to have anything right under the hand and check the most important things with just few clicks so that's why it's nice to have some automated automated reports female slack or maybe over the web Hooks and also usually we don't want to to access over SSH to some machine where there is script running because it's not so secure and the best way is to have maybe some browser access so just to remind effortless management should be also important otherwise you won't be configuring the backup as it should be configured you won't be monitoring the backup and maybe the backup will be will be failing for some for some couple of days or even weeks and you want to know about it so just to prevent such situations try to find the solution which doesn't need too much effort from your site to manage the backup and of course if we are talking about backup we must also talk about restart and Disaster Recovery what to do in case of ransomware attack how to restart the data and what possibilities what opportunities you should have to be able to restore the data first of all of course you should be able to restore multiple repositories at once with scripts usually you need just to restore repository after the repository it takes time to restart to configure such process and usually in case of any disaster we would like to continue our businesses our our daily works as fast as it possible also you should be able to restart the same or differentiate service and sometimes it's even more important to have possibility to restart to different Jitter than the source one because for example in case of any outage any any I don't know service issue service errors like for example let's say GTR becomes unavailable for two days and you can easily restore you should be able easily restore your service maybe to GitHub on premise or maybe to another jit service and of course you should be able also to select exact point in time you want to get back your data from because maybe maybe last backup contains encrypted by ransomware data so sometimes you have to restart not the latest one and version but one of the previous you should be also able to recover your data to sub local machines because backup is not always Disaster Recovery sometimes you are restoring it for some for some other issues maybe you would like to to download locally some archived repositories maybe for some forensic issues and and all the reasons you are you are just need to to fetch it locally it's also good to control resources that should be restart because not always you may want to restore for example or metadata or maybe lfs or anything else so usually it's very important for the end users to have the control over the entire process and one of the most important things I think in terms of restart because everyone makes mistakes so backup solution shouldn't allows you to overwrite your data that are on your production environment that are your own GTR organization because otherwise if you will be under under stressed after after losing some some important data you can overwrite your data existing data by mistake and then you can cause bigger disaster than it was before you restart so you cannot overstate the poor decisions that we all make when under pressure and facing uh and facing you know these challenges that we have so like that's a great point and Muhammad in the in the in the chat I'm glad that there's another git lab user in there foreign yeah yeah but but of course G clap also needs backup I I believe I'm quite sure any other uh every every jit service needs backup as for example yeah as for example the the attacked the attack I I talk about at the beginning it affects all of them gitlab GitHub and beat buckets so so it's not about the service we are using but in general everyone must be safe and and at the beginning I've just mentioned just a few words about Street protect and separate software so if you don't know what treat protect is I think this is the most professional devops ecosystem backup and disaster recovery software using our experience our great backup platform we've developed jit product i o which is dedicated for devops ecosystem protection right now it protects GTR bit bucket gtlab and jira so so the most important I think for devops ecosystem resources are already protected by this product treat protect of course provides you all those security measures we we just talked about gives you all those good practices uh available for you you can Define multiple backup plans as many as you need you can integrate as many different organizations into single treat protect instance which could be running locally so we are talking about on-premise installation but also you can easily run Jude protect as a service directly in our Cloud so you don't need to worry about setting up any additional environment for example for a backup purposes and everything will be safe and secure in our cloud of course there you've got the full control over the retention over the scheduler there is support for multiple different backup storages so you can store your data of course locally on some on some local network resources for example you can use some public clouds like AWS S3 like Azure and any other S3 compliant vendor but of course also as a service provider we are providing you our own storage thorough data backup and I think I don't need to talk too much about about our solution about our service and it will be the best if I will present it to your life or maybe even if you will check it out on your own because stay with us until the end we've got some promo especially prepared for you so let me let me let me change the screen I'm going to share with you I would like to see how I can do it so please give me just one second to change the screen I'm I'm presenting to you because demo I've got prepared oh thank you take this moment to remind everyone that they can ask questions directly to Greg in the Q a sections on the right hand screen uh next to the chat next to the polls so if you have questions we've got a few in there but uh if you have questions specifically about ransomware about backups um uh or if you just want to throw a curveball out there feel free to to use that one we'll be answering those after the demo yeah yeah I yeah I can see that there are already three questions and even one is yours uh yeah I'm I'm just taking a look at them if there is anything I can I can include in my demo and yeah but I think I don't have already any question that I can try to answer over the Timo but of course if you will have any questions feel free to ask them and I will also try to to put them in a demo I will also be taking a look on the chat during the during the Teemo but I don't want to make it so long because I believe the better is to check everything on your own to make sure it meets your needs instead of you know just watching the demos because on the demo usually everything works super fine super well and and in real world it may be quite different but of course not with this protect it works in real world in the same way as as during the day I want to know what kind of demos you're doing because every time I do a live demo everything goes wrong yeah yeah because if if something has to go wrong definitely it will go wrong during the demo all right let's go I'm holding my breath for you we can do it now I'm kidding of course it's gonna go first okay so what you can see already on the screen is my treat protect instance running directly in the cloud what you can what you can see here by by the URL so first of all let's start maybe with GitHub integration let me show you how easy it is so here I've got prepared my so so my GitHub account with some repositories in place and let me just edit and firstly remove my GitHub organization let's refresh and there is no GitHub in place let's even replace refresh the entire page just to prove there is no GitHub in place and there is no at all so now what I need to do is to add organization select the service we are talking about three chapter is also support for GitHub self-managed and other services like GitHub or bitbucket and I had a question I saw a question on on a chat what if GitHub crashes uh then you can restore your data for example to G flap or bitbucket or to GitHub self-manage so there are a lot of different ways and opportunities but let's start with GitHub integration you can integrate GitHub with jitprotect in two different ways you can do it as all of application what I'm going to do right now or you can also register integrate over login and token here we have to decide how often the list of repositories should be synced and here is quite important thing to automatically add new repositories to protection what means they will be assigned automatically to even to backup plans if you will configure them to protect all of your repositories so let's not waste our time let's proceed and as you can see here everything is done automatically I've made it before so the off application has granted permissions on my account but of course at any time I can remove them and do it from scratch but I'm not going to do so uh okay so now we've got our GitHub already added let's refresh and here it is at the bottom so in the next step we just need to assign a backup plan I've got multiple backup plannings in place because I'm using this instance object protect for uh for a demo proposes so maybe let me create a new backup plan I don't want to stay with the existing one and here in the in the first step in general you have to decide what repositories which repositories would you like to protect you can decide to protect all of them no matter how many repositories you've got already or you will have in the future are just selected repositories and here is the list of repositories you have already on your cheat organization so let's stay maybe with protection of all of them in the next step you have to choose word metadata or what data would you like to protect if it will be only repository which obviously must be protected but you can control if you want or not to protect your metadata and as you can see there are a lot of different metadata available they are changed depends on the service we are protecting but today we are focusing on GitHub so for example we can protect your deployment Keys maybe some some projects some teams under under teams and collaborators of course there are also some permissions so so that's why that's the list of the repositories we are protecting and I think it's quite important to protect them as we talked before so let's save and in the next step the the first step in general you have to choose select storage for backups here I've got just one steroid in place which is of course provided by the treat product it's called Surplus storage but at any time I can create a new search I can assign a new storage digit protect it could be for example some local directory so I just need to install the agent on my computer and then I can I can backup everything lock locally to some my local machines it could be also Network location available over SMB or NFS and the rest of public Cloud clouds I I've mentioned before so I believe all the most common cloud services are supported by cheat protect 2. but let me stay with a backup storage selection which I've got already in place so I'm not going to create any new backup and then it's time to schedule the backup uh let me just take a look only on the chat because I had displayed the question at the Q and A section is there anything I think already the question not related okay if we don't have any related let's let's continue There are no questions I can present on the on the during the demo so let's go with the scheduler as I said before it's quite important to have the full control over the scheduler for example to not to not interact with your pipeline with your cict tasks to left the API limits uh all for them so you've got the full control injured product how often for example fullback app is done my recommendation is to stay with a monthly setting there is no needs to make it more often than once per month and the same we can do for incremental copy which contains only the change part of your data since the last backup has been done so with incremental copy you you can for example set it up to make it even every few hours let's say every four uh there are some other settings related to the scheduler but they are not so important in terms of of GitHub and in general of jit repository backup but here at the bottom you've got the task balancing and it could be quite important if you've got a lot of repositories to be protected because it can help you to deal with those those APA limits we don't like and for example we can reduce the maximum number of concurrent tasks up to three that's even GitHub recommendation as far as I remember so so in general we are not accessing more than three different repositories at once and about the retention as I said during the slides it's nice to have full control over the retention so you can decide how long for example fall and incremental backups should be stored good practice says to keep your full backups quite a long period of time let's say for example for three years and your incremental your daily backups it doesn't need to Disturbed they don't need to be stored so long because it's your it's your active copy so let's stay with one month of every four hour backup resolution I have a label so let's apply let's save and at the end we've got some advanced settings here for example you can find the encryption then of course my recommendation is to enable the encryption always for each kind of backup cheat protect encrypts data using AES algorithm which is Anchor cable so literally no one can access to your data without knowledge of the encryption key which is served as all other GitHub protect credentials in the secure password manager it's a part of our Management Service of course all passwords and all secrets that are stored in this secure password manager are encrypted as well but in the near future we are also going to provide support for external credentials provider like for example Azure Vault so stay tuned with us because also we will give you this opportunity so let me let me set up some encryption key weekly I hope not to make this mistake all the requirements are met so let's name it just a key and let me say if I would like to encrypt my backup to follow good practices and here at the end if there is addition if there are additional jit credentials you can provide with GitHub we are limited up to 5 000 API requests per hour and if you want to improve the number of requests we can send you can create additional GitHub users and provide us their access tokens so when one of those users will be run out of the of the requests then jit protect will switch to another one and we will have we will have also uh improved number of requests available to be sent uh okay there is a question about about compression so in general all data not only that metadata but also your your source code is compressed as you can see there you've got the full control over the decompression algorithm as well as the compression level but I think compression is not so important in terms of in terms of cheat backup because the size of the data is not so big and usually if we are talking about compression algorithms or compression levels we are talking about for example physical environments backups or virtual ones because also it's supported by uh by maybe not by jit Protect by the pro one the platform Rich protect is based on so that's all about the advanced settings and in general about about backup plan configuration so let me name the backup plan like cheat Guardian cross with protect and save and run to start the backup and let's quickly go to the tasks because this backup should be pretty pretty fast we've got 12 repositories to be protected in general with limited number of concurrent repositories under the backup up to three so all of them those three repositories are already in progress and we need to wait for for one of them to be finished to start another one as you can see we are on the writing phase so right now the data are writing on your backup storage and they are fetching at the same time of course from your from your cheat account we can see that the repository is already successfully protected so we are fetching the metadata and yeah that's the way we can monitor how our backups are done so right now we just need to wait a while for the backup to be to be completed but of course obviously I've got some some older backups already done and I saw that there were some questions about the data restart so I would like to show you also how easily you can restore your backups and in the meantime I believe I believe everything will be also completed so let me just take a look in the meantime also to to the Q a panel is it possible to use cheat product for an encryption part is it possible to import our own encryption key so answering this question I think I've answered this question but let me just say it one more time at this moment you have to provide all encryptions keys manually to our to our secure password manager but within next two releases as far as I remember we are going also provide support for external credentials providers like for example Azure votes so this it will be another way to provide your encryption Keys uh using such third-party service and in the meantime as you can see I've got two repositories successfully protected the first one is WordPress and the second one is also WordPress but with uh the second one is also WordPress but with types time for for restart if the backup is already done we can also take a look for example at number of successfully protected resources nine labels one collaborator one repository successfully restart Source data science was around 300 megabytes and pretty similar or even a little bit greater protected data size because there are some additional information written directly by git product so as we've got already backup done let's head into the devops tab because here we've got all all our organizations already added scroll down to GitHub and let's go to manage and restart there is a list of all repositories that you've got already available and are synced with treat product each repository of course have some nice dashboard available so you can for example take a look how well it's protected here for example we've got stereot utilization but by this particular repository and it was baked up many times before so that's why it's around three gigabytes even there you can see that within last seven days there was 42 in total successful backups not three stars but everything excuse me is about the backup and of course we've got also access to recent notifications that are related to this particular repository oh and this is robovm pretty nice framework for for iOS development which allows you to to to provide your source code in Java for iOS yeah but we recently talked about WordPress it's already protected so let's head into restart here we've got the list of available backup plans that has been recently done and at the end there is cheat product cheat guardian and cheat protect so then there will be a list of backup versions loaded so we need to wait rewind I hope it's not my internet connection and after that I will get I will have to just select the version I'm going to restore and then and then I would like to continue but as we said before it's something if something has to go wrong it will go wrong during yeah and here we've got we've got two two backups versions already done and even even it was fast enough to make one more incremental copy as you can see and since we've started our since we've started our and since we've created our backup plan so this backup has been done twice what is pretty fast so the full copy has been created at two minutes before 6 pm here in Poland and incremental was created at 6 PM so let's restart the increment and in the next step we have to decide which repos what metadata we would like to restore together with the repository because obviously repository should be restored always and yeah probably it's because the backup which is already in progress that's uh oh yeah here we are there are two tasks left to be completed so I believe there are last two repositories are already baked up and yeah here we've got collaborators and lfs in this repository what we show also in the backup summary and I would like to restore all the metadata so let's head into the last step to register select that as you can see the encryption key is selected automatically because it's already in my secure password manager otherwise you will have to provide it manually by default there's added label to restart elements so you can easily find it out on GitHub site that this repository has been restarted we are going to restore it under the custom name you can see below but of course you can provide your own name let's name it like cheat webinar at the end we end we can reduce bandwidth but it has no sense if we are using our Cloud worker which is the agent set up directly in our Cloud so there is uh one more important thing I forgot to mention you have or you can choose where do you want to restore and I think by this I can answer also to one questions related to data restart so if for example GitHub goes down you can from this point of view easily select cheat lab bitbucket or any other organization you've got already implemented uh into into jit protect that was a discussion that people were having in the chat what happens if all the world is on GitHub what happens if it goes down well if you've got to predict what happens is you move to a different VCS you know a different service yeah because you have your data yeah this is you know in general this is also another use case you can follow with jit protect and you can use our software also to migrate the data between one service to another one for example if you want to move out from bit about there is no easier way than to use Street protect with all your issues pull requests and anything else because we allow you easily to to cross recovery of your data and of course not only to to teach organizations you can restore your data but also to your local devices it requires you to download and install the agent but we've got prepared agents I think for all operating systems available on the market Linux Mac OS and windows so so you can easily download and install th and there to restart the data locally but let's stay with GitHub with the same account the data comes from we've just changed the name of our repository so let me press start now let's go to tasks quickly and let's take a look at our backup which is already in progress and the restart the restore process gets initialized so as you can see the summary of restore process is pretty similar so let's wait a while for the data to be restart and let's take a look for example at our last 30 days so here we've got the list of the tasks that has been done within last 30 days in general and for example you can see digit Guardian cursed with protector backup has been done today twice the first was for all repositories we have and the second one was only for four repositories because when it was triggered the rest of repositories was awaiting were awaiting for for this first one to be completed it took around seven and a half minute to complete the entire backup and at the same time two and a half minutes to complete incremental backup for those fours for those for repositories uh but as you can see for 30 days you've got a very detailed information about everything you baked up after this period of course you can access to your logs and here you will find all informations about everything what's going on in your cheats protect instance because we can say it's very detailed audit log and each action that took place in treat product is locked there as you can see I've got quite a lot number of entries and waiting for the repository to be restarted just to let you know of course you can find them email slack and web hook notifications you can also decide if you would like for example to receive notification about successfully finished tasks usually I've disabled such notification as most of the administrator does as well because they say they don't want to be informed if something is successfully because it produced a communication mass and cows and and sometimes you can easily Miss some important information so that's nice to nice to have this control as well and of course you can also easily create some additional administrative account and I believe the rest of those features you will be able to verify on your own here we've got around 2 minutes to two and a half minutes and almost the entire repository has been restored and it's already has been restarted so we just need clinically jump to the second step to last 30 days to take a look at the backup sum at three stars submarinet backup and we can easily find out that everything repository nine labels have been restored successfully we don't need to restart the collaborator the permission are assigned to to the repository automatically collaborator of course exists in GitHub and we are not able to restart the account we are restoring repository in metadata so all related information and at the end let's go back to devops here we've got our 12 repositories but if we'll get to manage and restart there is sync Now button available the number of repositories just increased and let's try to find yeah and here it is WordPress treat webinar under that name we've restart our repository so it's available there is no last backup time because it wasn't baked up yet and I think we can finish there our demo so so that's all what I had prepared for you today in terms of demo I hope also I've I've covered all or maybe most of the questions from the chat I also try to take a look at the questions you've asked in the Q a panel let me change the screen to the previous one which says before that we are going to head into live demo and where's my screen so just quickly yep the recording link will be available so if you want to go back and look at the demo um for those asking in the chat that you'll be able to come back to this exact page um once we've ended the webinar and and watched it there um so q a we do have to be I think you've answered most of it where over time so we do have to to wrap it up um pretty quickly Okay so come on go on no no you you'll you go for it okay so why is it important to back up metadata as well we've talked about it a lot I think during today's webinar but just to remind because metadata are not included into your source code they are usually they usually stays only in the service you're using like GitHub and and you don't have any other place with those metadata available so that's why you have to protect them metadata or not only comments are not only issues but of course there are also permissions lfs and waymer it's run somewhere a treat for telephone devices to be honest I don't have in my mind already any known attacks of the ransomware and I should Google for it but every device connected to network is is or can be treated by the ransomware so also on our mobile devices we should be aware against iransomware uh okay is it possible to back up configurations of third parties integrated in GitHub uh CCA details static code analysis tools for example it might be done via metadata I guess um to be honest it depends but usually we are not able to access to such data everything depends if if such that third party provides any access to those data over GitHub usually they require some external accesses so those data are not protected already by the protect but if you've got some some known and nice third party in mind you would like to have protected let us know because we are continuously developing our software and maybe it it will be putted on our roadmap and is it possible to use cheat protect for free when working on a 60-member project as University students a 16 project it's quite small team but usually it depends on the number of repositories but if you will get for example to GitHub Marketplace and if you will type their cheat protect oh you don't you can't see my screen so let me maybe try to I don't know why the screen disappeared uh some issues yeah there is a screen so one more time okay let's go to the marketplace oh you can't see my screen yet but already here we can see it now gets up up okay yeah okay perfectly so right now we are in in GitHub Marketplace and if we'll type their product foreign here you can find our software and there is free version of of cheat protect you can use it's limited it's limited up to 50 repositories 15 repositories so if you are not over exceeding the number of these repositories you can easily protect them for free with no fees at all okay about encryption key I've just answered so it's already not possible but we are going to implement Azure vault as external external secret provider which notifications channel are available to the user in case of failure so you can be notified over email slack and there are also web hooks so so so you can assign any service which which supports web hooks is there any notification logic when the responsible person not resolve the issue the second person is notified oh it's not our task we are just making a backup of your data quite often your backup should be is encrypted on the storage so we are not analyzing the content of of your of your repository we'll have access if I understand collect Retreat project will have access to our code for backup processes yes it will otherwise we won't be able able to make backup of your data but of course you can assign for example jit protect using using access token and in that way you can also easily you can easily you can easily control what should protect has access to okay and I think this was this was the last question I have to answer there's one more the the someone wants to know if they can have a t-shirt like yours you know we don't have any any special promo about the tickets pre about the T-shirt prepared but just let us know and and I you want just contact me directly and I will find something for you oh thank you for me too because yeah sure sure sure sure we will find some some more t-shirts for you so it's good time to ask so so just just let me know and and we will see what we can do maybe some some contest or something I don't know it's task for our marketing but I believe they will find some way to provide you the difference and I think from my side last but not least we've got the special promo for you as I said so so you can easily go to our website which is cheatprotect.io and using cheats promo 40 code which you can see here on with yellow color you can easily get 30 off on our services so I think the code is pretty easy and you you write it down so whenever you want you can use such code it will be valid at least until the end of the month so thank you for your time for your patience I hope I didn't board you so much so thank you and made it back up be with you we did a cool slogan like that at GitHub I mean I can carry it like we need to we need to figure out something something that we could say I'm just going to quickly share my screen where we're going to race through to the end because uh thanks for staying with us I know that you've been back as far as the poll results go I'm going to share these I won't go through them now because we don't have the time but I'll share these in a follow-up email that everyone will get the thank you for the attendance and I'll let you know what the poll results were what I can tell you is that um uh you know most people haven't been affected by a ransomware attack but still uh uh about 21 have been either personally or with the organization that's huge 21 yeah yeah it is a huge you know um as we used to say we can we can divide people into two different groups to one who was affected by the run somewhere and another one who will be affected by the ransomers so so I'm glad that most of you haven't been affected by by the ransomware yet so but you have to be aware of of this risk um now when is for this we do have some winners um Ziad can you post in the chat because I know you sent it to me but I can't uh get there right now but uh could you post in the chat we have two 25 Amazon gift cards to give away for people that have uh were active obviously in the most amount of questions don't worry if you're not here because we have run out run over time we'll email you but if you're not here if you didn't hear me say that but I don't know why I did but uh but anyway um and um that's that's that's it for today so thank you very much for for joining the webinar the recording will be available um and of course in the the thank you email that we'll send through uh there'll be contact details in there to learn more about git protect or to ask questions um from the guardian Orchid protect so Greg I'd like to formally thank you so much for coming on it was a fascinating uh fascinating session um so thank you for making the time uh and I look forward to uh hearing from you again in the future so thank you everyone thank you Greg and I'll see you all next time and thank you too it was my pleasure and I hope there will be more opportunities to talk about the data security in the future so thank you one more time