Driving Digital Transformation in Manufacturing with GitHub Advanced Security & Copilot

Company

A Fortune 500 global diversified technology and industrial business company. It operates through three business segments: Building Efficiency, Automotive Experience, and Power Solutions.

Location
Milwaukee, WI
Industry
Engineering, Manufacturing
BY THE NUMBERS
11% Increase
Efficiency gained by developers
72% Reduction
Dependency of online resources
About

To increase productivity and security using GitHub Copilot and GitHub Advanced Security (GHAS).

A global Fortune 500 leader in building technologies and solutions and, operates through several siloed, global business units, each with its developer languages, security tools, and initiatives. With a mandate from the CTO to increase productivity and security, they sought to leverage GitHub Copilot and GitHub Advanced Security (GHAS) to achieve these goals. Before a widespread rollout to 1,000 developers, a proof of concept (POC) and pilot program were initiated, onboarding 200 developers to form a GHAS Champion Team. 

Challenge

Improve security outcomes but also streamline and enhance development efficiency.

The business set out to gain a comprehensive understanding of the unique workflows and tasks across its diverse engineering teams to effectively pinpoint the most valuable use cases for GitHub Copilot. This involved a detailed exploration of how different teams could benefit from the tool as well as a thorough assessment of the potential return on investment (ROI) that could justify a more extensive deployment of the technology across the organization.

In addition to this, they needed to establish a strong foundational baseline for GitHub Advanced Security (GHAS). This baseline would be instrumental in ensuring that GHAS could be seamlessly integrated into existing workflows and fully leveraged alongside CodeQL, maximizing its impact on security practices throughout the engineering teams. By doing so, they aimed to not only improve security outcomes but also streamline and enhance development efficiency across the board.

Solution

Deliver extensive upskilling and training and implementation of GHAS and Copilot.

Atmosera worked closely with their development and security teams to deliver extensive training and support, empowering the GHAS Champion Teams. This collaboration involved aligning productivity objectives, team structures, and technical environments. Additionally, Atmosera provided implementation guides, established standard workflows, and shared best practices to streamline processes.

Implementation Details

Copilot Implementation:

  • Aligned GitHub Copilot’s deployment with its productivity targets and team structures.
  • Trained champion users to fully leverage GitHub Copilot’s features and adhere to best practices.
  • Conducted ongoing reviews of performance metrics and developed strategies to scale GitHub Copilot to 1,000 developers, with a long-term vision of reaching all 4,500 developers.

GHAS Implementation:

  • Collaborated with security teams to review and configure the GitHub Advanced Security (GHAS) implementations.
  • Delivered detailed implementation guides, common workflows, and standardized guidelines tailored specifically to its operational needs.
  • Provided remediation for existing CodeQL actions.
  • Offered training and upskilling for effective GHAS usage within a large enterprise context.
Outcome

Results and Impact 

Their CTO, tracked key metrics, revealing significant improvements: 

Time Saved:  

  • 41% of developers saved 2-5 hours/week 
  • 33% saved 1-2 hours/week 
  • 17% saved 5-10 hours/week 
  • 9% experienced minimal change 

72% reduction in dependency on online resources. 

SPACE Metrics: Activity increased from 10 to 30, PR count/day rose by 80%, code churn by 120%, cycle time decreased by 8%, merge time by 12%, and defects by 15%. 

The foundational configuration of GHAS was tailored to its unique, segmented structure, enhancing security and enabling proactive code scanning throughout the SDLC.  

Atmosera worked with several business units within the company to tackle differing levels of problems in these teams. Each team posed a unique challenge and the level of expertise needed within GHAS. The following was accomplished between the differing teams: 

  • CodeQL Remediation: Worked with the team’s Security engineers to remediate failed CodeQL deployments. 
  • Dependabot: Helped the team understand the use of dependabot and how it can benefit their coding practices. 
  • Secret Scanning: Built the team a new process and technical approach to secret scanning utilizing GHAS  

Key Learnings 

The extended pilot demonstrated that GitHub Copilot can boost velocity, reduce bugs, and align saved bandwidth with program increments, transforming its development process. Developers reported significant productivity improvements, including time savings from generated suggestions and reduced context switching.  

A 25% efficiency gain was noted (beyond time saved) across its SDLC, translating to $140,000 saved per week with 800 developers. 

GHAS improved its security standards, allowing product teams to focus on development without security concerns. It saw teams that were originally failing to produce effective results with GHAS, now able to affect teams of up to 1000 developers efficiently.  

Without proper implementation of GitHub Advanced Security, it can create too much noise for teams to properly control. An iterative and thoughtful approach to implementation is required to not overload developers and create an environment they will engage in proactively.

Why Atmosera?

As a trusted GitHub and Microsoft Partner, Atmosera consistently delivers high-impact, cost-effective solutions tailored to its needs. By maintaining a close collaboration with the business, Atmosera is committed to supporting its future growth through strategic initiatives. These plans include scaling the deployment of GitHub Copilot, providing ongoing security consulting, and offering advanced Azure consulting services. Atmosera’s expertise extends to guiding it through migrations to Azure Kubernetes Service (AKS) and transitioning from AWS to Azure, ensuring seamless and efficient cloud transformations.

Capture GHAS & Copilot's full potential

Embrace intelligent automation for faster development, stronger security, and an optimized cloud.

Case Studies

Client Success Stories

Trimble's CMS division was on the NetApp platform nearing its end of...
A Fortune 500 global giant in the information technology sector, found itself...
A Fortune 500 leader in building technologies sought to enhance productivity and...
Atmosera provided a seamless transition to Microsoft Defender services and Sentinel with...
SurveyMonkey Inc., a leading experience management company providing cloud-based software for brand...
Leveraging Azure's robust capabilities and Atmosera's specialized expertise, Protocall achieved significant improvements...

Atmosera is thrilled to announce that we have been named GitHub AI Partner of the Year.

X