Add repo cleaning advice to the security incident guidance

[MrAlecJohnson]

The most common security incident involving Analytical Platform users is accidentally committing data to Github.

The section on security incidents could benefit from:

• clarifying that this includes accidentally pushing data (including notebook outputs)
• making sure this is easy to find in search
• describing how to clean your repo's history - currently it only covers the organisational side
• making sure whatever cleaning method we suggest works on the Analytical Platform, not just on Macs

There's some mention of cleaning repos in the secrets section. It would be good to minimise any repetition between these sections.

Links

• Github's own guidance on cleaning a repo
• A Slack thread about using the bfg cleaner at the Ministry of Justice

(though note that these aren't so easy to do on the Analytical Platform)

[vonbraunbates]

What different security incidents occur on the AP? How do we know? What are their frequency and risk? We should address the very frequent and the high risk in guidance first.

I can add guidance on resolving Airflow incidents.