This hands-on, instructor-led course, GH-500T00: GitHub Advanced Security, offers an in-depth exploration of GitHub's security features, including secret scanning, code scanning with CodeQL, and dependency management. Participants will learn to configure and utilize these tools to enhance their software development security posture. The GH-500 course also covers administrative aspects, such as setting security policies and managing sensitive data within GitHub.
Course Objectives
- Understand and configure GitHub Advanced Security features.
- Implement Dependabot for automated dependency updates.
- Set up and manage secret scanning to protect sensitive information.
- Configure code scanning using CodeQL for vulnerability detection.
- Analyze and interpret CodeQL scan results.
Who Should Attend GitHub Advanced Security Course
- DevOps Engineer
COURSE OUTLINE
- Introduction to GitHub Advanced Security
- Configure Dependabot security updates on your GitHub repo
- Configure and use secret scanning in your GitHub repository
- Configure code scanning on GitHub
- Identify security vulnerabilities in your codebase by using CodeQL
- Code scanning with GitHub CodeQL
- GitHub administration for GitHub Advanced Security
- Manage sensitive data and security policies within GitHub
