Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
- This module will help you become familiar with GitHub's Advanced Security features and best practices. As you learn about these features, you'll identify critical areas for eliminating security gaps.
By the end of this module, you'll be able to:
- Define GHAS and key features such as secret scanning, code scanning, and Dependabot
- Use GHAS to maximize security impact
- Explain GHAS and its role in the security ecosystem
- Learn how to configure Dependabot security updates on your GitHub repo.
By the end of this module, you'll be able to:
- Describe the available tools for managing vulnerable dependencies on GitHub.
- Enable and configure Dependabot alerts.
- Identify the permissions and roles required to view and enable Dependabot alerts.
- Enable and configure Dependabot security updates.
- Identify, review, and address vulnerable dependencies.
- Explain how to use GraphQL API to retrieve vulnerability information.
- Explain how to configure notifications for vulnerable dependencies.
- On completing this module, you'll understand how secret scanning works to configure and use it efficiently.
By the end of this module, you'll be able to:
- Describe secret scanning.
- Configure secret scanning.
- Use secret scanning.
- This module introduces you to code scanning and its features. You'll learn how to implement code scanning using CodeQL, third party tools, and GitHub Actions.
After completing this module, you'll be able to:
- Describe code scanning.
- List the steps for enabling code scanning in a repository.
- List the steps for enabling code scanning with third-party analysis.
- Contrast how to implement CodeQL analysis in a GitHub Actions workflow versus a third-party continuous integration (CI) tool.
- Explain how to configure code scanning on a repository using triggering events.
- Contrast the frequency of code scanning workflows (scheduled vs triggered by events).
