Subscribe
About
  • Home
  • /
  • Security
  • /
  • EXCLUSIVE: Video interview with GitHub CEO in SA

EXCLUSIVE: Video interview with GitHub CEO in SA

Adrian Hinchcliffe
By Adrian Hinchcliffe
Johannesburg, 15 Nov 2024
On his recent visit to South Africa, GitHub’s Thomas Dohmke spoke to ITWeb about software development, the role of AI and Copilot, progress in Africa, GitHub’s relationship with Microsoft, its strategic challenges and the recent GoIssue cyber threat.

Key African countries are becoming a hotbed for software developers, with over 650 000 in South Africa alone.

This is according to GitHub CEO Thomas Dohmke, who added that the integration of artificial intelligence (AI) into development tools is going to make software development easier to learn and more widely accessible.

Speaking to ITWeb during his recent visit to South Africa, he said: “We see fast growth in countries like Nigeria or Egypt, where not only is the number of developers growing faster than elsewhere in the world; here in South Africa we have over 660 000 developers on GitHub.”

This figure dwarfs oft-quoted statistics, from Google’s 2021 Africa Developer Ecosystem report, that put the figure around 120 000 professional developers.

Dohmke said this disparity is likely due to such estimates failing to include hobbyists and students.

He added that based on GitHub’s data, the number of local developers is expected to grow 25% year-on-year, while the percentage of developers focused on AI projects is set to grow at 45%.

AI is also being integrated widely across GitHub to make developers’ lives easier and more productive, he noted. And it’s helping to open doors to those coming into the space, especially with solutions like Copilot, which GitHub introduced in 2021, thanks to its parent company Microsoft’s relationship with OpenAI.

Novice developers can ask questions using Copilot and learn more about concepts and constructs as they go, said Dohmke, while more experienced developers can use the AI to assist them write code and be more efficient.

Dohmke explained that Copilot also offers support in multiple languages, meaning developers don’t need to speak English.

“You can ask questions in your mother tongue…most people don’t speak English, while the software industry is predominantly English (language-based), so it removes that barrier of entry for learning about software development.”

Another multi-language aspect of Copilot was announced at the recent GitHub Universe, held in the US. The new multi-model offers developers the ability to select which large language model they would like it to use, from OpenAI’s GPT4o, to its new o1-mini model, or using Anthropic’s Claude 3.5 Sonnet or Google Gemini 1.5 Pro (the last three are currently in preview).

In light of the recent discovery of the GoIssue cyber threat targeting GitHub users, the interview also covered GitHub’s security strategy in relation to that threat, as well as wider threats from bad actors integrating malicious code into open source libraries.

GitHub CEO Thomas Dohmke. (Image supplied by GitHub)
GitHub CEO Thomas Dohmke. (Image supplied by GitHub)

Of GitHub’s security approach, Dohmke said it has three prongs: “Number one, we want to secure our own platform, to prevent attackers being successful in phishing attacks, but also attacking our service and our infrastructure.

“As such, we have a security team that constantly monitors the security of the platform and works closely with Microsoft Security’s cyber defence operation centres sharing intelligence. Part of that includes spam protection, blocking accounts that are attempting to use GitHub for spam or for phishing or other illegal activities.”

“Number two is that, within our security team, we have the GitHub Security Lab that is working constantly on identifying security issues in open source libraries and reports them to the maintainers in a confidential way, so the maintainer can fix those issues in partnership with us.”

He added that GitHub works with foundations such as OpenSSF, the Linux Foundation and Apache Foundation, and with governments around the world on securing the software supply chain.

“Lastly, we have our own security products. With Advanced Security, we're offering customers a solution for secret scanning, identifying tokens, passwords, service principles and code, and removing them, and instead move them into a secure environment. And we have code scanning that helps to identify security vulnerabilities in code, and with Copilot Autofix we give you the fix as well, which brings the time to fix a found security vulnerability by more than a factor of three.”

Share