GitHub Advanced Security (GH-500T00-A)

Delivery methods

On-Site, Virtual

Duration

1 day

GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle. By integrating security directly into the development process with GHAS, your team can build more secure and reliable software. The course will explore how to utilize GHAS to maximize security impact and understand GHAS and its role in the security ecosystem.

Learning Objectives

  • Understand and configure GitHub Advanced Security features. 

  • Implement Dependabot for automated dependency updates. 

  • Set up and manage secret scanning to protect sensitive information. 

  • Configure code scanning using CodeQL for vulnerability detection. 

  • Analyze and interpret CodeQL scan results. 

  • Administer security policies and manage sensitive data within GitHub.

Who Should Attend

This course is intended for students who want to understand and implement advanced security practices with the help of GitHub Advanced Security (GHAS). They will learn how to significantly enhance software development processes and create a more resilient and secure development ecosystem, using developer-first solutions to keep code, supply chain, and secrets secure before pushing to production. They will also learn how GHAS gives security teams visibility into the cross-organizational security posture and supply chain, along with unparalleled access to curated security intelligence from millions of developers and security researchers around the world.

Prerequisites

  • A GitHub account
  • Basic understanding of GitHub fundamentals

Course outline

Define GHAS and the importance of its integral features
How to utilize GHAS to get the most impact
Understand GHAS and its role in the security ecosystem
Manage your dependencies on GitHub
Dependabot alerts
Dependabot security updates
Manage Dependabot notifications and reports
Dependency review
Exercise - Configure Dependabot security updates
What is secret scanning?
Configure secret scanning
Use secret scanning
What is code scanning?
Enable code scanning with third party tools
Configure code scanning
Configure code scanning exercise
Prepare a database for CodeQL
Run CodeQL in a database
Understand CodeQL results
Troubleshoot CodeQL results
What is CodeQL?
How does CodeQL analyze code?
What is QL?
Code scanning and CodeQL
Customize your code scanning workflow with CodeQL - Part 1
Exercise - Reference a CodeQL query
Customize your code scanning workflow with CodeQL - Part 2
Use the CodeQL CLI
Customize languages and builds for code scanning
Exercise - Configure a CodeQL language matrix
What is GitHub Advanced Security?
Enable GitHub Advanced Security
Manage access to GitHub Advanced Security
Manage the GitHub Advanced Security features and alerts
Setting security policies
Create and manage repository rulesets
Reporting and logging
Exercise
